Testing Security Properties in Java

Testing Security Properties in Java

Padmanabhan Krishnan, Larissa Meinicke

20 July 2016

In this paper we describe our initial experience of using mutation testing of Java programs to evaluate the quality of test suites from a security viewpoint. Our focus is on measuring the quality of the test suite associated with the Java Development Kit (JDK) because it provides the core security properties for all applications. We define security-specific mutation operators and determine their usefulness by executing some of the test suites that are publicly available. We summarise our findings and also outline some of the key challenges that remain before mutation testing can be used in practice.


Venue : Workshop on Industrial Software Checking