software security testing process
(1) Security testing methods
There are many testing methods available for security testing, and currently the main security testing methods include:
Static code security testing: mainly by conducting security scans on the source code, matching it with its unique software security rule library based on data flow, control flow, semantics, and other information in the program, and identifying potential security vulnerabilities in the code. Static source code security testing is a very useful method, as it can identify all possible code with security risks during the coding phase, allowing developers to address potential security issues early on. And precisely because of this, static code testing is more suitable for the early stages of code development, rather than the testing phase.
(2) Reverse security testing process
Most software security testing is conducted based on the principle of reverse design of defect space, which involves checking which areas may have security risks in advance, and then testing against these potential risks. Therefore, the reverse testing process starts from the defect space, establishes a defect threat model, searches for intrusion points through the threat model, and conducts known vulnerability scanning tests on the intrusion points. The advantage is that it can analyze known defects and avoid the existence of known types of defects in the software, but it is usually powerless against unknown attack methods and techniques.
(3) Positive security testing process
In order to avoid the incompleteness of testing caused by the principle of reverse design, a forward testing method is needed to conduct comprehensive testing of software, so that the tested software can prevent unknown attack methods and techniques.
Identify the testing space first. Identify all variable data in the testing space, and due to the high cost of conducting security testing, it is important to focus on identifying the external input layer. For example, in the stages of requirement analysis, summary design, detailed design, and coding, the testing space needs to be identified and a testing space tracking matrix established.
(4) The difference between forward and reverse testing
The forward testing process is based on the testing space to find defects and vulnerabilities, while the reverse testing process is based on the known defect space to find whether the same defects and vulnerabilities will occur in the software. Both have their own advantages and disadvantages. One of the main advantages of the reverse testing process is its low cost, as long as the known possible defects are verified. However, the disadvantage is that the testing is incomplete, unable to fully cover the testing space, and unable to discover unknown attack methods. The advantage of the forward testing process is that the testing is relatively thorough, but the workload is relatively large. Therefore, for software with low security requirements, testing should generally follow the reverse testing process. For software with high security requirements, the forward testing process should be the main approach, with the reverse testing process as a supplement.
