Software QA FYI - SQAFYI

Uncovering Weaknesses in Code With Cyclomatic Path Analysis

By: Thomas J. McCabe Sr, Thomas J. McCabe Jr, Lance Fiondella

Abstract. Software flaws represent a serious threat to system integrity. Today, software plays an increasingly important role in the infrastructure of government agencies. These entities outsource and use open-source software within their critical infrastructure; however, the origins and security characteristics of this code are rarely certified. We compare the relative effectiveness of the statement, branch, and cyclomatic code coverage software testing methodologies for detecting flaws in software.


Foreign influence on DoD software is a major security concern. A programmer can insert a flaw into code that looks like an honest mistake, but when triggered leads to unexpected behavior in the system on which the software resides. The consequences could be anything from system unavailability to outright hijacking of the system and all of its functionality. Given the potentially catastrophic consequences of allowing exploitable software flaws to reside in operational systems, software testing is now being acknowledged as a critical step to mitigate software supply chain risks.

Protecting against the “inside job” is not the only concern for those wishing to protect software systems from attack. Foreign adversaries persistently attempt to break into the networks of defense facilities and their contractors. A successful intruder would steal anything that could provide economic or strategic advantage. The speculated compromise of the Joint Strike Fighter [3] is a high profile example, with tens of thousands of hours of programming feared lost. Not only can code be copied, it can be studied intensively for weaknesses. By interfacing with operational systems running the software and injecting attacks to trigger exploitable weaknesses, the range of consequences mentioned above could be realized. Any unprotected statements in code that could lead to failure become fair game. The only way to ensure compromised software can withstand external attacks is to subject it to rigorous testing and identify weaknesses for removal before they can ever be targeted for attack. A software testing methodology that can eliminate the majority of flaws, both intentional and unintentional, is essential for producing and preserving software dependability.

Detecting Security Flaws With Cyclomatic Complexity-Based Testing

A critical comparison of software testing methodologies is essential to illustrate how competing approaches can fail to identify particular weaknesses. The following three examples consider this additional aspect and demonstrate that cyclomatic complexity-based testing can successfully detect several common weaknesses.

Divide By Zero CWE-369

Dividing by zero is a commonly occurring problem. In mathematics, dividing a number by zero is not permitted because the result is defined to be infinity. This poses a challenge for computers, which cannot work with such a large number. Attempting to divide by zero on a computer leads to a condition known as overflow. Though one may think this exception should be simple to eliminate, overflows happen quite frequently because many programming languages set a variable to zero before it is ever assigned a value. All too often, programmers neglect to initialize a variable before using it as the denominator of a statement that performs division. This frequent occurrence makes the divide by zero weakness a widespread problem. Dividing by zero can lead to a variety of unpredictable behavior in software. Potential outcomes include unintended branching to error handling routines, software crashes, and similar undesirable behaviors. A programmer who intentionally or unwittingly introduces a divide by zero flaw can induce system crashes, rendering a system unavailable to perform its appointed tasks.
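The two passages above argue that statement and branch coverage can each be satisfied without ever executing the path that divides by zero, while cyclomatic (basis-path) testing forces that path to be exercised. The following added example, which is not code from the article or its authors, makes this concrete on a constructed function `scale()` whose denominator is only assigned on one decision's true branch. The function is instrumented to record which statements it executes, and three minimal test suites, one per methodology, are run against it. The suites, the statement labels and the `run_suite` reporting format are all assumptions made for the illustration.

```python
# Added example (not from the article): a divide-by-zero path that survives
# 100% statement coverage and 100% branch coverage, but is exercised by a
# basis-path suite of v(G) = 3 tests.

from typing import Dict, List, Optional, Tuple

Case = Tuple[int, int]

# Labels for the four executable statements of scale() and its four branch outcomes.
STATEMENTS = ("init", "assign_divisor", "divide", "return_zero")
BRANCHES = (("d1", True), ("d1", False), ("d2", True), ("d2", False))


def scale(a: int, b: int, trace: Optional[List[str]] = None) -> int:
    """Constructed function with two binary decisions, so v(G) = 2 + 1 = 3.

    The denominator is only set on the d1 == True path, so the path
    d1 == False, d2 == True divides by zero (the CWE-369 pattern).
    """
    if trace is None:
        trace = []
    trace.append("init")
    divisor = 0                    # zero-initialised, as the article describes
    if a > 0:                      # decision d1
        trace.append("assign_divisor")
        divisor = a
    if b > 0:                      # decision d2
        trace.append("divide")
        return 100 // divisor      # ZeroDivisionError when d1 was False
    trace.append("return_zero")
    return 0


def cyclomatic_complexity(binary_decisions: int) -> int:
    """v(G) for a single-entry, single-exit routine: binary decisions + 1."""
    return binary_decisions + 1


def run_suite(cases: List[Case]) -> Dict[str, object]:
    """Run a suite against scale() and report statement coverage, branch
    coverage, the number of distinct paths taken and the inputs that raised
    ZeroDivisionError."""
    stmts_hit, branches_hit, paths, failures = set(), set(), set(), []
    for a, b in cases:
        branches_hit.add(("d1", a > 0))
        branches_hit.add(("d2", b > 0))
        trace: List[str] = []
        try:
            scale(a, b, trace)
        except ZeroDivisionError:
            failures.append((a, b))   # the flaw was triggered by this input
        stmts_hit.update(trace)
        paths.add(tuple(trace))
    return {
        "statement_coverage": len(stmts_hit) / len(STATEMENTS),
        "branch_coverage": len(branches_hit) / len(BRANCHES),
        "distinct_paths": len(paths),
        "failures": failures,
    }


# Minimal suites each methodology would accept for scale() (constructed):
STATEMENT_SUITE: List[Case] = [(1, 1), (1, 0)]   # every statement executes
BRANCH_SUITE: List[Case] = [(1, 1), (0, 0)]      # every decision taken both ways
# Basis-path suite: baseline path (T, T), then flip one decision at a time.
BASIS_PATH_SUITE: List[Case] = [(1, 1), (0, 1), (1, 0)]

if __name__ == "__main__":
    for name, suite in (("statement", STATEMENT_SUITE),
                        ("branch", BRANCH_SUITE),
                        ("basis path", BASIS_PATH_SUITE)):
        print(f"{name:11s}", run_suite(suite))
```

The statement suite reaches every line yet never takes the false branch of `d1`; the branch suite takes every branch outcome, but the one test that makes `d1` false also makes `d2` false, so the division is never reached with a zero divisor. Only the basis-path suite, sized to `cyclomatic_complexity(2) == 3`, includes the `(0, 1)` case and surfaces the `ZeroDivisionError`.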
