Proposing SQL Statement Coverage Metrics: Difference between revisions

Line 138: Line 138:
'''Metric''': The input variable coverage criterion can be measured by the percentage of input variables tested at least once by the test set out of total number of input variables found in any target statement in the production code of the system.
'''Metric''': The input variable coverage criterion can be measured by the percentage of input variables tested at least once by the test set out of total number of input variables found in any target statement in the production code of the system.


'''Input variable coverage''' = '''PLACEHOLDER'''
'''Input variable coverage''' = [[File:Sess-eqn-2.png]]


where Test(f) is an input variable used in at least one test.
where Test(f) is an input variable used in at least one test.
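Review bot: on the formula line, replacing '''PLACEHOLDER''' with [[File:Sess-eqn-2.png]] leaves the metric's definition available only as an image, with no text alternative for readers, search or diffs. Consider writing the ratio in wiki math markup, or adding a caption that spells out what the Metric paragraph states (input variables tested at least once, over the total number of input variables found in target statements). The following line also uses Test(f) without the visible text saying what f ranges over, and describes Test(f) as "an input variable" although it reads like a function of f. Defining f next to the formula would make the line self-contained.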
Line 148: Line 148:
The relationship between target statement coverage and input variable coverage is not yet known; however, we contend that input variable coverage is a useful, finer-grained measurement.  
The relationship between target statement coverage and input variable coverage is not yet known; however, we contend that input variable coverage is a useful, finer-grained measurement.  


Input variable coverage has the effect of weighting a target statement which has more input variables more heavily. Since most input variables are each a separate potential vulnerability if not adequately validated, a target statement which contains more input variables is of a higher threat level.  
Input variable coverage has the effect of weighting a target statement which has more input variables more heavily. Since most input variables are each a separate potential vulnerability if not adequately validated, a target statement which contains more input variables is of a higher threat level.


== 4. Related Work ==
== 4. Related Work ==
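Review bot: the only change in this hunk is the trailing whitespace removed after "higher threat level."; the paragraph ending "finer-grained measurement." keeps its trailing space in both revisions, so strip that one too for consistency. Since the paragraph is being touched anyway, "weighting a target statement which has more input variables more heavily" would read more clearly as "weighting more heavily a target statement that has more input variables".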