Muutke küpsiste eelistusi

E-raamat: Software Test Attacks to Break Mobile and Embedded Devices

Teised raamatud teemal:
  • Formaat - PDF+DRM
  • Hind: 79,30 €*
  • * hind on lõplik, st. muud allahindlused enam ei rakendu
  • Lisa ostukorvi
  • Lisa soovinimekirja
  • See e-raamat on mõeldud ainult isiklikuks kasutamiseks. E-raamatuid ei saa tagastada.
Software Test Attacks to Break Mobile and Embedded DevicesSuurem pilt
Teised raamatud teemal:

DRM piirangud

  • Kopeerimine (copy/paste):

    ei ole lubatud

  • Printimine:

    ei ole lubatud

  • Kasutamine:

    Digitaalõiguste kaitse (DRM)
    Kirjastus on väljastanud selle e-raamatu krüpteeritud kujul, mis tähendab, et selle lugemiseks peate installeerima spetsiaalse tarkvara. Samuti peate looma endale  Adobe ID Rohkem infot siin. E-raamatut saab lugeda 1 kasutaja ning alla laadida kuni 6'de seadmesse (kõik autoriseeritud sama Adobe ID-ga).

    Vajalik tarkvara
    Mobiilsetes seadmetes (telefon või tahvelarvuti) lugemiseks peate installeerima selle tasuta rakenduse: PocketBook Reader (iOS / Android)

    PC või Mac seadmes lugemiseks peate installima Adobe Digital Editionsi (Seeon tasuta rakendus spetsiaalselt e-raamatute lugemiseks. Seda ei tohi segamini ajada Adober Reader'iga, mis tõenäoliselt on juba teie arvutisse installeeritud )

    Seda e-raamatut ei saa lugeda Amazon Kindle's. 

For software testers and testing and development teams, this volume on mobile and embedded computing examines unique problems in the application of techniques from the traditional testing world to new systems and "smart" devices. The work begins with an overview of common mobile and embedded system characteristics, and covers topics such as code based attacks, control systems, hardware based attacks, timer and interrupt attacks, user interface attacks, and mobile and embedded security. The volume also provides detailed information on the development and setup of testing lab practices for examining mobile and embedded devices. The book includes detailed example and provides additional information on external references and additional resources. Hagar is a software engineer and testing expert with extensive experience in mobile and aerospace industries. Annotation ©2013 Book News, Inc., Portland, OR (booknews.com)

Address Errors before Users Find Them
Using a mix-and-match approach, Software Test Attacks to Break Mobile and Embedded Devices presents an attack basis for testing mobile and embedded systems. Designed for testers working in the ever-expanding world of "smart" devices driven by software, the book focuses on attack-based testing that can be used by individuals and teams. The numerous test attacks show you when a software product does not work (i.e., has bugs) and provide you with information about the software product under test.

The book guides you step by step starting with the basics. It explains patterns and techniques ranging from simple mind mapping to sophisticated test labs. For traditional testers moving into the mobile and embedded area, the book bridges the gap between IT and mobile/embedded system testing. It illustrates how to apply both traditional and new approaches. For those working with mobile/embedded systems without an extensive background in testing, the book brings together testing ideas, techniques, and solutions that are immediately applicable to testing smart and mobile devices.

Arvustused

"Using the framework of attacks popularized by James Whittakers books, Jon Duncan Hagar describes those that are relevant here and extends the approach with new attacks specifically for mobile and embedded systems. He provides detailed information and guidance on how to test more effectively and efficiently in the mobile and embedded world. Jon shows you what to test and how to test, giving ideas that you can use to do better testing of mobile devices now and save yourself serious trouble later on. Jons extensive experience (much of it in the embedded world), his thorough research, and his deep knowledge give this book a solid foundation and provide helpful guidance and steps to take in applying testing attacks to mobile and embedded devices." From the Foreword by Dorothy Graham, Software Testing Consultant

"Every tester who wants to keep current needs to read this book, and you can read with confidence knowing you are being guided by the best in this business. Learn by doing, with this book as your guide." From the Foreword by Lisa Crispin, Agile Testing Coach and Practitioner

Foreword xi
Dorothy Graham
Foreword xiii
Lisa Crispin
Preface xv
Acknowledgments xvii
Copyright and Trademarks Declaration Page xix
Introduction xxi
Author xxxiii
Chapter 1 Setting the Mobile and Embedded Framework
1(12)
Objectives Of Testing Mobile And Embedded Software Systems
1(1)
What Is Embedded Software?
2(1)
What Are "Smart" Handheld And Mobile Systems?
3(2)
Why Mobile And Embedded Attacks?
5(1)
Framework For Attacks
6(1)
Beginning Your Test Strategy
6(2)
Attacks On Mobile And Embedded Software
8(1)
If You Are New To Testing
9(1)
An Enlightened Tester Makes A Better Tester
10(3)
Chapter 2 Developer Attacks: Taking The Code Head On
13(20)
Attack 1 Static Code Analysis
14(7)
Attack 2 Finding White-Box Data Computation Bugs
21(4)
Attack 3 White-Box Structural Logic Flow Coverage
25(3)
Test Coverage Concepts For White-Box Structural Testing
28(1)
Note Of Concern In Mobile And Embedded Environments
29(4)
Chapter 3 Control System Attacks
33(26)
Attack 4 Finding Hardware-System Unhandled Uses In Software
33(6)
Attack 5 Hardware-To-Software And Software-To-Hardware Signal Interface Bugs
39(6)
Attack 6 Long-Duration Control Attack Runs
45(4)
Attack 7 Breaking Software Logic And/Or Control Laws
49(5)
Attack 8 Forcing The Unusual Bug Cases
54(5)
Chapter 4 Hardware Software Attacks
59(30)
Attack 9 Breaking Software With Hardware And System Operations
59(6)
Sub-Attack 9.1 Breaking Battery Power
65(1)
Attack 10 Finding Bugs In Hardware-Software Communications
66(3)
Attack 11 Breaking Software Error Recovery
69(5)
Attack 12 Interface And Integration Testing
74(6)
Sub-Attack 12.1 Configuration Integration Evaluation
80(1)
Attack 13 Finding Problems In Software-System Fault Tolerance
80(9)
Chapter 5 Mobile And Embedded Software Attacks
89(18)
Attack 14 Breaking Digital Software Communications
89(5)
Attack 15 Finding Bugs In The Data
94(3)
Attack 16 Bugs In System-Software Computation
97(4)
Attack 17 Using Simulation And Stimulation To Drive Software Attacks
101(6)
Chapter 6 Time Attacks: "It's About Time"
107(36)
Attack 18 Bugs In Timing Interrupts And Priority Inversions
108(6)
State Modeling Example
114(25)
Attack 19 Finding Time-Related Bugs
116(5)
Attack 20 Time-Related Scenarios, Stories, And Tours
121(4)
Attack 21 Performance Testing Introduction
125(14)
Supporting Concepts
139(1)
Completing And Reporting The Performance Attack
140(1)
Wrapping Up
140(3)
Chapter 7 Human User Interface Attacks: "The Limited (and Unlimited) User Interface
143(16)
How To Get Started---The UI
144(15)
Attack 22 Finding Supporting (User) Documentation Problems
146(3)
Sub-Attack 22.1 Confirming Install-Ability
149(1)
Attack 23 Finding Missing Or Wrong Alarms
149(4)
Attack 24 Finding Bugs In Help Files
153(6)
Chapter 8 Smart And/Or Mobile Phone Attacks
159(18)
General Notes And Attack Concepts Applicable To Most Mobile-Embedded Devices
159(18)
Attack 25 Finding Bugs In Apps
161(4)
Attack 26 Testing Mobile And Embedded Games
165(5)
Attack 27 Attacking App-Cloud Dependencies
170(7)
Chapter 9 Mobile/Embedded Security
177(32)
The Current Situation
178(1)
Reusing Security Attacks
178(31)
Attack 28 Penetration Attack Test
180(6)
Attack 28.1 Penetration Sub-Attacks: Authentication'password Attack
186(2)
Attack 28.2 Sub-Attack Fuzz Test
188(1)
Attack 29 Information Theft-stealing Device Data
189(4)
Attack 29.1 Sub-Attack-identity Social Engineering
193(1)
Attack 30 Spoofing Attacks
194(5)
Attack 30.1 Location And/Or User Profile Spoof Sub-Attack
199(1)
Attack 30.2 Gps Spoof Sub-Attack
200(1)
Attack 31 Attacking Viruses On The Run In Factories Or Plcs
201(8)
Chapter 10 Generic Attacks
209(12)
Attack 32 Using Combinatorial Tests
209(6)
Attack 33 Attacking Functional Bugs
215(6)
Chapter 11 Mobile And Embedded System Labs
221(52)
Introduction To Labs
221(1)
To Start
222(1)
Test Facilities
223(1)
Why Should A Tester Care?
224(1)
What Problem Does A Test Lab Solve?
225(2)
Staged Evolution Of A Test Lab
227(1)
Simulation Environments
227(1)
Prototype And Early Development Labs
228(1)
Development Support Test Labs
228(2)
Integration Labs
230(1)
Pre-Product And Product Release (Full Test Lab)
230(1)
Field Labs
230(2)
Other Places Labs Can Be Realized
232(1)
Developing Labs: A Project Inside Of A Project
233(1)
Planning Labs
233(1)
Requirement Considerations For Labs
234(1)
Functional Elements For A Developer Support Lab
234(1)
Functional Elements For A Software Test Lab
235(1)
Test Lab Design Factors
236(2)
Lab Implementation
238(1)
Lab Certification
238(1)
Operations And Maintenance In The Lab
239(1)
Lab Lessons Learned
240(1)
Automation Concepts For Test Labs
241(1)
Tooling To Support Lab Work
241(2)
Test Data Set-Up
243(1)
Test Execution: For Developer Testing
244(1)
Test Execution: General
245(2)
Product And Security Analysis Tools
247(1)
Tools For The Lab Test Results Recording
247(1)
Performance Attack Tooling
248(2)
Basic And Generic Test Support Tools
250(1)
Automation: Test Oracles For The Lab Using Modeling Tools
251(2)
Simulation, Stimulation, And Modeling In The Lab Test Bed
253(3)
Continuous Real-Time, Closed-Loop Simulations To Support Lab Test Environments
256(3)
Keyword-Driven Test Models And Environments
259(1)
Data Collection, Analysis, And Reporting
260(2)
Posttest Data Analysis
262(3)
Posttest Data Reporting
265(2)
Wrap Up: N-Version Testing Problems In Labs And Modeling
267(1)
Final Thoughts: Independence, Blind Spots, And Test Lab Staffing
268(5)
Chapter 12 Some Parting Advice
273(6)
Are We There Yet?
273(1)
Will You Get Started Today?
273(1)
Advice For The "Never Ever" Tester
273(1)
Bug Database, Taxonomies, And Learning From Your History
274(1)
Lessons Learned And Retrospectives
275(1)
Implementing Software Attack Planning
275(2)
Regression And Retest
277(1)
Where Do You Go From Here?
278(1)
Appendix A Mobile And Embedded Error Taxonomy: A Software Error Taxonomy (For Testers) 279(10)
Appendix B Mobile And Embedded Coding Rules 289(4)
Appendix C Quality First: "Defending The Source Code So That Attacks Are Not So Easy," 293(6)
Appendix D Basic Timing Concepts 299(4)
Appendix E Detailed Mapping Of Attacks 303(4)
Appendix F Ui/Gui And Game Evaluation Checklist 307(6)
Appendix G Risk Analysis, Fmea, And Brainstorming 313(6)
References 319(4)
Glossary 323(6)
Index 329
Jon Hagar is the principal (CEO/CTO) and senior software test engineer at Grand Software Testing. For over 30 years he has worked on systems and software engineering, specializing in testing/verification and validation. He is the lead editor on ISO/IEC/IEEE29119 Software Test Standard, a member of the IEEE1012 V&V Plan working group, and co-chair on the OMG UML testing profile standard. Jon holds a patent on web test technologies and has published numerous articles on software reliability, testing, test tools, formal methods, and embedded systems. He has a B.S. in mathematics with a specialization in civil engineering and software from Metropolitan State College in Denver, Colorado, and an M.S. in computer science with a specialization in software engineering and testing from Colorado State University.
Lisainfo e-raamatute kohta Lisainfo e-raamatute kohta
Püsilink: https://www.kriso.ee/db/97814665753182e.html
Märksõnad: