Fuzz Testing of Application Reliability

Fuzz Testing of Application Reliability
University of Wisconson -- Madison
   1990, 1995
http://www.cs.wisc.edu/~bart/fuzz/fuzz.html

The input is completely random. ... This is sometimes called black box
testing. In the original UNIX studies (1990 and 1995), the random input
was simply random ASCII character streams. For our X-Window study (in
the 1995 study) and our Windows NT study (2000), the random input
included cases that had only valid keyboard and mouse events.

Our reliability criteria is simple: if the application crashes or hangs,
it is considerd to fail the test, otherwise it passes. Note that the
application does not have to respond in a sensible manner to the input,
and it can even quietly exit.
--------------------------------

Groklaw comments:
The study was basically done by subjecting the utilities to random
input, and seeing how often they crashed or hung. The GNU utilities were
the hands-down winners in both cases ...
[xtifr "Quality of Free Software" Wednesday, May 26 2004 @ 07:35 AM EDT]
http://www.groklaw.net/users.php?mode=profile&uid=2449

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Wed May 26 08:48:03 2004