Articles written in Sadhana
Volume 42 Issue 9 September 2017 pp 1481-1493
Nowadays, the number of software vulnerabilities incidents and the loss due to occurrence of software vulnerabilities are growing exponentially. The current existing security strategies, the vulnerability detection and remediating approaches are not intelligent, automated, self-managed and not competent to combat against the vulnerabilities and security threats, and to provide secured self-managed software environment to the organizations. Hence, there is a strong need to devise an intelligent and automated approach to optimize security and prevent the occurrence of vulnerabilities or mitigate the vulnerabilities. The autonomic computing is a nature-inspired and self-management-based computational model. In this paper, an autonomic-computing-based integrated framework is proposed to detect, fire the trigger of alarm, assess, classify, prioritize, mitigate and manage the software vulnerability automatically. The proposed framework uses a knowledge base and inference engine, which automatically takes the remediating actions on future occurrence of software security vulnerabilities through self-configuration, self-healing, self-prevention and self-optimization as per the needs. The proposed framework is beneficial to industry and society in various aspects because it is an integrated, crossconcern and intelligent framework and provides more secured self-managed environment to the organizations. The proposed framework reduces the security risks and threats, and also monetary and reputational loss. It canbe embedded easily in existing software and incorporated or implemented as an inbuilt integral component of the new software during software development.
Volume 45 All articles Published: 6 June 2020 Article ID 0148
Software development is a continuous process. Among all phases of software development, testing and debugging are the most essential phases. The main intention of testing is to detect maximum faults as soon as possible. After a fault is detected, it must be removed through appropriate debugging approach. Both phases are performed one after another and require different information. Hence, it is arduous to merge them. In fault detection, such test cases are required that are able to detect all the faults with less effort whereas in faultlocalization such test cases are required that are able to reproduce faults and locate them with accuracy. For enhancing the performance of testing, the integration of these two phases with consideration of multi-objective selection of test cases is to be conducted before regression testing. In the current work, an approach for multiobjective test case selection based on statement and diversified mutant coverage has been proposed and compared with existing approaches. For empirical study, SPEA-2, NSGA-2 and VEGA algorithms have been used and experiments were conducted on three applications of the Defects4j database. Outcomes of the study specify that the proposed approach has the ability to detect more faults compared to existing approaches. It is also able to locate all faults that have been detected with fault localization score better or comparable to existing approaches.