How to Break Software

<div class="tutorial">

<h1>How to Break Software</h1>
<h3>(CSTP Elective)</h3>


<p><em>This tutorial counts as training towards the <a href="http://www.testinginstitute.com/certification.php">Certified Software Test Professional</a> requirements. </em></p>
<p>What is it that makes a really good tester? I mean a <em>really </em>good tester! What intuition do they have that leads them so surely to the best bugs? </p>
<p>We sought to answer this question by analyzing thousands of bug reports. We attempted to understand each bug in the context of its underlying <em>causal faults </em>, its <em>failure symptoms </em> and the best <em>method to discover </em>its existence. Thus, we would end up with understanding how bugs come into being, how to look for a bug's telltale signature and how we go about finding bugs in the first place. To our great surprise, we invented testing techniques that were not published anywhere. Thus, <em>How to Break Software </em> was created. </p>
<p>This course is a fun, entertaining and educational journey through the testing techniques that make up <em>How to Break Software </em>. You will learn many new and novel ways to force software applications (of whatever variety) to fail. You will also see old, tried-and-true techniques explained in fresh ways. Prepare to learn why software fails and to force it to do just that. </p>
<p><strong>Learn about: </strong></p>
<ul>
  <li>The life-preserver model of software behavior. What does software really do and how can it fail doing it? </li>
  <li>17 ways to break software through its user interface or API. </li>
  <li>Ways to tell of your software is going to fail—before it actually does. </li>
  <li>How to simulate a faulty environment in order to test error paths and exception handlers. </li>
</ul>
<p>And much, much more. <em>How to Break Software </em> is more than a course on testing. It's a course about what it takes to increase you skills to the Jedi level—may the force be with you. </p>
<p><strong>James A. Whittaker </strong> is a professor of computer science at the Florida Institute of Technology. He earned his Ph.D. in computer science from the University of Tennessee in 1992. His research interests are software testing, software security, software vulnerability testing and&nbsp;anti cyber warfare technology. He is the author of How to Break Software , <em>How to Break Software Security </em> (with Hugh Thompson) and over 50 peer-reviewed papers on software development and computer security. He holds patents on various inventions in software testing and defensive security applications and has attracted millions in funding, sponsorship and license agreements while a professor at Florida Tech. He also has served as a testing and security consultant for Microsoft, IBM, Rational and many more US companies. In 2001 he was appointed to Microsoft's Trustworthy Computing Academic Advisory Board and was named a “Top Scholar” by the editors of the <em>Journal of Systems and Software </em> based on his research publications in software engineering. His research team at Florida Tech is known for its testing technologies and tools, which include the highly acclaimed runtime fault injection tool <em>Holodeck </em>. His research group is also well known for their development of exploits against software security, including cracking encryption, passwords and infiltrating protected networks via novel attacks against software defenses. <br>
              
</p>
<p></p>




</div>