Testing Security Properties in Java
July 2016

In this paper we describe our initial experience of using mutation testing of Java programs to evaluate the quality of test suites from a security viewpoint. Our focus is on measuring the quality of the test suite associated with the Java Development Kit (JDK) because it provides the core security properties for all applications. We define security-specific mutation operators and determine their usefulness by executing some of the test suites that are publicly available. We summarise our findings and also outline some of the key challenges that remain before mutation testing can be used in practice.

Authors: Padmanabhan Krishnan, Larissa Meinicke

Venue: Workshop on Industrial Software Checking


Hardware and Software, Engineered to Work Together