Replay Based Testing
I’m new to Wurldtech, but have been in the test industry for most of my career. One thing you learn in the practice of testing is that time truly is of the essence. With an insurmountable number of test cases to choose from the tester has to carefully design where he/she is going to target their valuable test time.
Consider communication replay or pcap based test schemes. Most security vulnerabilities take their birth from post-release bugs and post-release bugs are typically identified through happen-chance by the customer during execution of the software program. Consider now the Ethernet-enabled devices deployed in the critical industries; they have been operating reliably in the field 24×7x365 for the past 5-10 years. One can assume that throughout this time, in the hostile environments these devices occupy, a communication packet got corrupted or altered now and then (EMI, etc.). However, the bugs that the security community is now finding in the plenty were never identified. When we consider allotting valuable test hours to relay based testing we must ask ourselves: how “normal” or “based on regular traffic” could the triggers of today’s vulnerabilities be?
The answer is what keeps me motivated to innovate new automated schemes for generating large quantities of threat-specific test cases, not background noise.