Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Combinatorial Coverage Difference Measurement: Draft White Paper Available
June 22, 2021

A draft NIST Cybersecurity White Paper, Combinatorial Coverage Difference Measurement, is now available for public comment.

Structural coverage criteria are widely used tools in software engineering, useful for measuring aspects of test execution thoroughness. However, in many cases, structural coverage may not be applicable, either because source code is not available, or because processing is based on neural networks or other black-box components. Vulnerability and fault detection in such cases will typically rely on large volumes of tests, to discover flaws that result in system failures or security weaknesses.

This publication explains combinatorial coverage difference measures that have been applied to problems that include fault identification and autonomous systems validation, and documents functions of research tools for computing these measures. The metrics and tools described are introduced as research tools; later work will be useful in determining which are of value in assurance and testing or simulation.

The public comment period is open through August 20, 2021. See the publication details for a copy of the draft and instructions on submitting comments.

Related Topics

Security and Privacy: testing & validation

Technologies: combinatorial testing, software & firmware

Created June 11, 2021, Updated June 22, 2021