Browse All Cigital Publications

Security

Malicious Software

Innovative Rootkits: The Ultimate Weapon? (PDF)
G. McGraw
Network Magazine, January 1, 2005.

Backdoor Attacks on Black-Box Ciphers Exploiting Low-Entropy Plaintexts
A. Young, M. Yung
Eighth Australasian Conference on Information Security and Privacy (ACISP), Lecture Notes in Computer Science (LNCS), July 9-11, Springer-Verlag, 2003.

Non-Zero Sum Games and Survivable Malware
A. Young
Proceedings of the 4th Annual IEEE Information Assurance Workshop, June 18-20, United States Military Academy, West Point, New York, 2003.

A Toolkit for Detecting and Analyzing Malicious Software (PDF)
M. Weber, M. Schmid, D. Geyer, M. Schatz
Annual Computer Security Applications Conference (ACSAC'02), Las Vegas, NV, December, 2002.

Protecting Data from Malicious Software (PDF)
M. Schmid, F. Hill, A. Ghosh
Annual Computer Security Applications Conference (ACSAC'02), Las Vegas, NV, December, 2002.

Controlling the Execution of Unauthorized Software (PS / PDF / Word)
M. Schmid, J.T. Bloch, F. Hill, A. Ghosh
To appear in the Proceedings of the 2001 DARPA Information Survivability Conference & Exposition, June 2001, Anaheim, CA.

Bandwidth-Optimal Kleptographic Attacks
A. Young, M. Yung
Cryptographic Hardware and Embedded Systems (CHES), 2001.

Execution Control Lists: An Approach to Defending Against New and Unknown Malicious Software (PS / PDF)
A.K. Ghosh, M. Schmid
In Proceedings of the Information Survivability Workshop 2000, October 24-26, 2000, Boston, MA.

NetHose: A Tool for Finding Vulnerabilities in Network Stacks (PS / PDF)
A. Ghosh, F. Hill, M. Schmid
Short talk at the 1999 IEEE Security and Privacy Symposium, Oakland, CA, 1999.

Towards Fault-Tolerant Mobile Agents (PS / PDF)
L. Kassab, J. Voas
Workshop on Distributed Computing on the Web, June, 1998, Rostock, Germany.

Black-Box Symmetric Ciphers Designed for Monopolizing Keys
A. Young, M. Yung
Fast Software Encryption Workshop, 1998.

Encryption Tools for Mobile Agents: Sliding Encryption
A. Young, M. Yung
Fast Software Encryption Workshop.

The Prevalence of Kleptographic Attacks on Discrete-Log Based Cryptosystems
A. Young, M. Yung
Advances in Cryptology, CRYPTO '97, pages 264-276, Springer, 1997.

Deniable Password Snatching: On the Possibility of Evasive Electronic Espionage
A. Young, M. Yung
IEEE Symposium on Security and Privacy, pages 224-235, 1997.

Kleptography: Using Cryptography against Cryptography
A. Young, M. Yung
Advances in Cryptology, Eurocrypt '97, pages 62-74, Springer, 1997.

The Dark Side of 'Black-Box' Cryptography or: Should We Trust Capstone?
A. Young, M. Yung
Advances in Cryptology, CRYPTO '96, pages 89-103, Springer, 1996.

Cryptovirology: Extortion-Based Security Threats and Countermeasures
A. Young, M. Yung
IEEE Symposium on Security and Privacy, pages 129-140, 1996.

Application and OS Security

Building Secure Software

Using Attack Graphs to Design Systems (PDF)
S. Gupta, J. Winstead
IEEE Security & Privacy (Nov/Dec 2007)

Online Games and Security (PDF)
G. McGraw, G. Hoglund
IEEE Security & Privacy (Sep/Oct 2007)

Defining Misuse Within the Development Process (PDF)
G. Peterson, J. Steven
IEEE Security & Privacy (Nov/Dec 2006)

Essential Factors for Successful Software Security Awareness Training (PDF)
K. Van Wyk, J. Steven
IEEE Security & Privacy (Sep/Oct 2006)

Introduction to Identity Management Risk Metrics (PDF)
G. Peterson (ed. J. Steven)
IEEE Security & Privacy (Jul/Aug 2006)

Putting the Tools to Work: How to Succeed with Source Code Analysis (PDF)
P. Chandra, B. Chess, J. Steven
IEEE Security & Privacy (May/Jun 2006)

How Flawed is Microsoft? (PDF)
G. McGraw
IT Architect Magazine, March 1, 2006.

Adopting an Enterprise Software Security Framework (PDF)
J. Steven
IEEE Security & Privacy (Mar/Apr 2006)

Software Security and SOA: Danger, Will Robinson! (PDF)
J. Epstein, S. Matsumoto, G. McGraw
IEEE Security & Privacy (Jan/Feb 2006)

Seven Pernicious Kingdoms: A Taxonomy of Software Security Errors (PDF)
K. Tsipenyuk, B. Chess, G. McGraw
IEEE Security & Privacy (Nov/Dec 2005)

Bridging the Gap Between Software Development and Information Security (PDF)
K.R. van Wyk, G. McGraw
IEEE Security & Privacy (Sep/Oct 2005)

A Portal for Software Security (PDF)
N.R. Mead and G. McGraw
IEEE Security & Privacy (Jul/Aug 2005)

How Does Security Fit With Engineering? (PDF)
G. McGraw
Network Magazine, May 1, 2005.

Adopting a Software Security Improvement Program (PDF)
D. Taylor and G. McGraw
IEEE Security & Privacy (May/Jun 2005)

Software Penetration Testing (PDF)
B. Arkin, S. Stender, G. McGraw
IEEE Security & Privacy (Jan/Feb 2005)

Who Should Do Security? (PDF)
G. McGraw
Network Magazine, October 1, 2004.

Risk Analysis in Software Design (PDF)
D. Verdon, G. McGraw
IEEE Security & Privacy (July/August 2004; pp. 32-37) (Building Security In)

Misuse and Abuse Cases: Getting Past the Positive (PDF)
P. Hope, G. McGraw, A. Anton
IEEE Security & Privacy (May/Jun 2004)

Dire Straits (HTML)
G. McGraw, G. Hoglund
Information Security (April 2004)

Software Security (PDF)
G. McGraw
IEEE Security & Privacy (March/April 2004; Volume 2, Number 2, pp. 32-35)

Building Secure Software: Better than Protecting Bad Software (PDF)
G. McGraw
IEEE Software (November/December 2002; Vol. 19, No. 6, pp. 57-59) (Point/Counterpoint with Greg Hoglund)

Choosing a programming language and a distributed object platform (HTML)
G. McGraw, J. Viega
IBM developerWorks (Feb 1, 2002)

Protecting passwords: Part 2 (HTML)
G. McGraw, J. Viega
IBM developerWorks (September 2000)

Protecting passwords: Part 1 (HTML)
G. McGraw, J. Viega
IBM developerWorks (August 2000)

Make your software behave: Cryptography essentials (HTML)
G. McGraw, T. O'Connor
IBM developerWorks (July 2000)

Make your software behave: Tried and true encryption (HTML)
G. McGraw, J. Viega
IBM developerWorks (Jun 1, 2000)

Make your software behave: Playing the numbers (HTML)
G. McGraw, J. Viega
IBM developerWorks (Apr 4, 2000)

Software security principles, Part 4: Keep it simple; keep it private (HTML)
G. McGraw, J. Viega
IBM developerWorks (December 2000)

Software security principles: Part 2: Defense in depth and secure failure (HTML)
G. McGraw, J. Viega
IBM developerWorks (November 2000)

Software security principles, Part 3: Controlling access: Least privilege and compartmentalization (HTML)
G. McGraw, J. Viega
IBM developerWorks (November 2000)

Make your software behave: Security by obscurity (HTML)
G. McGraw, J. Viega
IBM developerWorks (October 2000)

Software security principles: Part 1: The chain is only as strong as its weakest link (HTML)
G. McGraw, J. Viega
IBM developerWorks (October 2000)

Statically Scanning Java Code: Finding Security Vulnerabilities
G. McGraw, J. Viega
IEEE Software (September/October 2000)

Make your software behave: Preventing buffer overflows (HTML)
G. McGraw, J. Viega
IBM developerWorks (Mar 7, 2000)

Make your software behave: Brass tacks and smash attacks (HTML)
G. McGraw, J. Viega
IBM developerWorks (Mar 14, 2000)

Make your software behave: Learning the basics of buffer overflows (HTML)
G. McGraw, J. Viega
IBM developerWorks (Mar 1, 2000)

Make your software behave: Assuring your software is secure (HTML)
G. McGraw, J. Viega
IBM developerWorks (Feb 28, 2000)

Java 2 security and stack inspection (HTML)
G. McGraw
Gamelan.com, May 12, 1999.

Why COTS Software Increases Security Risks (PS / PDF)
G. McGraw, J. Viega
ICSE Workshop on Testing Distributed Component-Based Systems, May 1999.

Software Assurance for Security (PDF / Word)
G. McGraw
IEEE Computer 32(4), pages 103-105. April 1999.

Twelve Rules for Developing More Secure Java Code (HTML)
G. McGraw, E. Felten
Java World, December 1998.

Third-Party Java Security Vendors: Solutions or Snake Oil? (Word)
G. McGraw, E. Felten
Java Report, December 1998.

Privileged code in Java: Why the API changed from JDK1.2beta3 to JDK1.2beta4 (HTML)
G. McGraw
developer.com, August 31, 1998.

E-Commerce Security: No Silver Bullet
A.K. Ghosh
In Proceedings of the IFIP WG 11.3 Working Conference on Database Security, July 15-17, 1998, Chalkidiki, GR.

Testing for Security During Development: Why we should scrap penetrate-and-patch. (PS / PDF)
G. McGraw
IEEE Aerospace and Electronic Systems, April 1998.

Implementing Assertions for Java (HTML)
J. Payne, M. Schatz, M. Schmid
Dr. Dobb's Journal, January 1998.

Testing for Security During Development: Why We Should Scrap Penetrate-and-Patch (PS)
G. McGraw
In Proceedings of 12th Annual Conference on Computer Assurance, June 16-20, 1997, Gaithersburg, MD.

General

A framework for creating custom rules for static analysis tools (PDF)
E. Dalci, J. Steven
Static Analysis Summit at NIST (June 29, 2006)

Is Your Mac Really More Secure? (PDF)
G. McGraw
Network Magazine, April 1, 2005.

Knowledge for Software Security (PDF)
S. Barnum, G. McGraw
IEEE Security & Privacy (Mar/Apr 2005)

Are We In a Computer Security Renaissance? (PDF)
G. McGraw
Network Magazine, February 1, 2005.

How Do Real Bad Guys Break Software? (PDF)
G. McGraw
Network Magazine, December 1, 2004.

Application Security Testing Tools: Worth the Money? (PDF)
G. McGraw
Network Magazine, November 1, 2004.

Risk Analysis in Software Design (PDF)
D. Verdon, G. McGraw
IEEE Security & Privacy (July/August 2004; pp. 32-37) (Building Security In)

Exploiting Software: The Achilles' Heel of CyberDefense (PDF / HTML)
G. McGraw, G. Hoglund
CyberDefense Magazine (June 2004)

Regulation and Information Security: Can Y2K Lessons Help Us? (PDF)
J. Payne
IEEE Security & Privacy (March/April 2004; Vol. 2, No. 2, pp. 32-35) (On the Horizon)

Putting Software Terminology To the Test (PDF)
J. Steven
IEEE Software (May/June 2002)

Operating systems and authentication technologies (HTML)
G. McGraw, J. Viega
IBM developerWorks (Feb 1, 2002)

Make your software behave: Preventing buffer overflows (HTML)
G. McGraw, J. Viega
IBM developerWorks (Mar 7, 2000)

Make your software behave: Brass tacks and smash attacks (HTML)
G. McGraw, J. Viega
IBM developerWorks (Mar 14, 2000)

Make your software behave: Learning the basics of buffer overflows (HTML)
G. McGraw, J. Viega
IBM developerWorks (Mar 1, 2000)

How We Learned to Cheat in Online Poker: A Study in Software Security (PDF / HTML)
B. Arkin, F. Hill, S. Marks, M. Schmid, T.J. Walls, G. McGraw
Developer.Com, 09/28/99.

Mobile Code Security (HTML)
G. McGraw and E. Felten
Editors, IEEE Internet Computing, November/December 1998.

An Approach for Certifying Security in Software Components (PS / PDF)
A. Ghosh, G. McGraw
Proceedings of the 21st National Information Systems Security Conference, October 5-8, 1998, Crystal City, VA.

Agent Trustworthiness (PS / PDF)
L. Kassab, J. Voas
Workshop on Mobile Object Systems: Secure Internet Mobile, July, 1998, Brussels, Belgium.

An Automated Approach for Identifying Potential Vulnerabilities in Software (PS / PDF)
A. Ghosh, T. O'Connor, G. McGraw
Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA. May 3-6, 1998, pp. 104-114.

Smart Cards, Java Cards and Security (HTML)
G. McGraw
developer.com, January 19, 1998.

Developing Expertise in Software Security: An Outsider's Perspective (PS / PDF)
G. McGraw, A.K. Ghosh
In working notes of the Invitational Workshop on Computer Vulnerability Data Sharing, NIST, June 1996.

Intrusion Detection

Two State-Based Approaches to Program-based Anomaly Detection (PS / PDF)
C. Michael, A. Ghosh
Proceedings of ACSAC 2000, December 2000.

A Real-Time Intrusion Detection System Based on Learning Program Behavior (PS / PDF)
A.K. Ghosh, C.C. Michael, and M.A. Schatz
Recent Advances in Intrusion Detection; Third International Workshop, RAID 2000.

Learning Program Behavior Profiles for Intrusion Detection (PS / PDF)
A.K. Ghosh, A. Schwartzbard, M. Schatz
To appear in Proceedings of the 1st USENIX Workshop on Intrusion Detection and Network Monitoring, April 9-12, 1999, Santa Clara, CA.

Using Program Behavior Profiles for Intrusion Detection (PS / PDF)
A.K. Ghosh, A. Schwartzbard, M. Schatz
SANS Conference and Workshop on Intrusion Detection and Response, Technical Conference, Workshop on the State of the Art and Future Directions of Intrusion Detection and Response, February 12-13, San Diego, CA, pp. 1-20 -- 1-26.

Detecting Anomalous and Unknown Intrusions Against Programs (PS / PDF)
A.K. Ghosh, J. Wanken, F. Charron
Proceedings of Annual Computer Security Applications Conference (ACSAC'98), December 7-11, 1998, Scottsdale, AZ.

Cryptography

A Subliminal Channel in Secret Block Ciphers
A. Young, M. Yung
Selected Areas in Cryptography, August 9-10, 2004.

A Key Recovery System as Secure as Factoring
A. Young, M. Yung
CT-RSA Conference, 2004.

Relationships Between Diffie-Hellman and Index Oracles
A. Young, M. Yung
Fourth Conference on Security in Communication Networks '04, 2004.

A Weakness in Smart-Card PKI Certification
A. Young
Proceedings of the 4th Annual IEEE Information Assurance Workshop, June 18-20, United States Military Academy, West Point, New York, 2003.

A PVSS as Hard as Discrete Log and Shareholder Separability
A. Young, M. Yung
PKC 2001 (Public Key Crypto).

Secure mobile gambling
M. Jakobsson, D. Pointcheval, A. Young
CT-RSA Conference 2001.

Make your software behave: Cryptography essentials (HTML)
G. McGraw, T. O'Connor
IBM developerWorks (July 2000)

Make your software behave: Tried and true encryption (HTML)
G. McGraw, J. Viega
IBM developerWorks (Jun 1, 2000)

Preliminary Cryptanalysis of Reduced-Round Serpent (PS / PDF)
T. Kohno, J. Kelsey, and B. Schneier
Third AES Candidate Conference, April 13-14, 2000.

Amplified Boomerang Attacks Against Reduced-Round MARS and Serpent (PS / PDF)
J. Kelsey, T. Kohno, B. Schneier
Seventh Fast Software Encryption Workshop, Springer-Verlag, April 10-12, 2000.

Hash to the Rescue: Space Minimization for PKI Directories
A. Young, M. Yung
ICISC 2000 (International Conf. on Info. Sec. and Crypto).

Towards Signature-Only Signature Schemes
A. Young, M. Yung
Asiacrypt 2000.

RSA Based Auto-Recoverable Cryptosystems
A. Young, M. Yung
Proceedings of Public Key Cryptography (PKC), 2000.

Auto-Recoverable Cryptosystems with Faster Initialization and the Escrow Hierarchy
A. Young, M. Yung
Proceedings of Public Key Cryptography (PKC), 1999.

Auto-Recoverable Auto-Certifiable Cryptosystems (a survey)
A. Young, M. Yung
CQRE, Springer-Verlag, LNCS, 1999.

Non-Interactive CryptoComputing for NC1
T. Sander, A. Young, M. Yung
40th Annual Symposium on Foundations of Computer Science (FOCS), IEEE Computer Society, pages 554-566, '99.

Finding Length-3 Positive Cunningham Chains and their Cryptographic Significance
A. Young, M. Yung
Algorithmic Number Theory III (ANTS), LNCS vol. 1423, 1998.

Auto-Recoverable Auto-Certifiable Cryptosystems
A. Young, M. Yung
Advances in Cryptology, Eurocrypt '98.

Reliability

Testing

Software Penetration Testing (PDF)
B. Arkin, S. Stender, G. McGraw
IEEE Security & Privacy (Jan/Feb 2005)

Testing Commercial-off-the-Shelf Software Components (Word)
J. Haddox, G. Kapfhammer, C. Michael, M. Schatz
Proceedings of the 18th International Conference and Exposition on Testing.

An Approach to Identifying and Understanding Problematic COTS Components (PS / PDF)
G. Kapfhammer, C. Michael, J. Haddox, R. Coyler
Presented at ISACC 2000, The Software Risk Management Conference.

Deriving Accurate Operational Profiles for Mass-Marketed Software (PS / PDF)
J. Voas
Submitted to 4th International Conference on Empirical Assessment & Evaluation in Software (EASE 2000).

Techniques for Evaluating the Robustness of Windows NT Software (PDF / Word)
M. Schmid, A.K. Ghosh, F. Hill
To appear in the 2000 DARPA Information Survivability Conference & Exposition (DISCEX'00), January 2000, Hilton Head, SC.

Can Chaotic Methods Actually Improve Software Quality Predictions? (PS / PDF)
J. Voas
IEEE Software, to appear in 2000.

An Approach to Testing COTS Software for Robustness to Operating System Exceptions and Errors (PS / PDF)
A.K. Ghosh, M. Schmid
To appear in the 1999 International Symposium on Software Reliability Engineering (ISSRE99), November 1-4, 1999, Boca Raton, FL.

Predicting When to Reboot "Continuously Operating" Embedded Software (HTML)
J. Voas, F. Charron
In proceedings of CONQUEST'99, September 1999, Nuremberg, Germany.

Inoculating Software for Survivability (PS / PDF)
A. Ghosh, J. Voas
Communications of the ACM, July 1999.

Wrapping Windows NT Software for Robustness (PS / PDF)
A. Ghosh, M. Schmid, F. Hill
To appear in Proceedings of the 29th International Fault Tolerant Computer Symposium (FTCS-29), June 15-18, 1999, Madison, WI.

Data Generation Techniques for Automated Software Robustness Testing (PDF / Word)
M. Schmid, F. Hill
Sixteenth International Conference on Testing Computer Software (ICTCS'99)

Quality Meets the CEO (PDF)
J. Payne
Software Testing & Quality Engineering, May/June 1999 (Vol. 1, Iss. 3)

Software Hazard Mining (PS / PDF)
J. Voas
For the IEEE Workshop on Application Specific Software Engineering and Technology (ASSET'99), March, 1999. Richardson, TX.

NetHose: A Tool for Finding Vulnerabilities in Network Stacks (PS / PDF)
A. Ghosh, F. Hill, M. Schmid
Short talk at the 1999 IEEE Security and Privacy Symposium, Oakland, CA, 1999.

Using Assertions to Make Untestable Software More Testable (PS / PDF)
J. Voas, L. Kassab
Software Quality Professional.

Analyzing Software Sensitivity to Human Error (PS / PDF)
J. Voas
Failure and Lessons Learned in Information Technology Management - An International Journal 2(4), December, 1998.

Wrapping Windows NT Binary Executables for Failure Simulation (PS / PDF)
A.K. Ghosh, M. Schmid
Fast abstract to appear in the International Symposium on Software Reliability Engineering (ISSRE'98), November 4-7, 1998, Paderborn, GE.

Testing the Robustness of Windows NT Software (PS / PDF)
A.K. Ghosh, M. Schmid, and V. Shah
Experience report to appear in the International Symposium on Software Reliability Engineering (ISSRE'98), November 4-7, 1998, Paderborn, GE.

Automated Software Test Data Generation for Complex Programs (PS / PDF)
G. McGraw and C. Michael
Proceedings of the 13th IEEE Automated Software Engineering Conference, October 13-16, 1998, Honolulu, Hawaii.

An Approach for Analyzing the Robustness of Windows NT Software (PS / PDF)
A. Ghosh, V. Shah, M. Schmid
Proceedings of the 21st National Information Systems Security Conference, October 5-8, 1998, p. 383-391. Crystal City, VA.

OTS Software Failures: Can Anything be Done? (PS / PDF)
J. Voas, J. Payne
In Proceedings of the First IEEE Workshop on Application Specific Software Engineering and Technology (ASSET'98), March, 1998, Dallas

Error Propagation Analysis Studies in a Nuclear Research Code (PDF)
J. Voas, F. Charron, L. Beltracchi
In Proceedings of the 1998 IEEE Aerospace Conference, Snowmass, CO, March 1998.

Fault Injection for the Masses (PS / PDF)
J. Voas
IEEE Computer, December 1997.

Genetic Algorithms for Dynamic Test Data Generation (PS / PDF)
C. Michael, G. McGraw, M. Schatz, and C. Walton
In Proceedings of IEEE International Automated Software Engineering Conference (ASE97), November 3-5, 1997.

Reducing Uncertainty About Common-Mode Failures (PS / PDF)
J. Voas, A. Ghosh, F. Charron, L. Kassab
In Proceedings of ISSRE, November 1997.

Simulating Specification Errors and Ambiguities in Systems Employing Diversity (PS / PDF)
J. Voas, L. Kassab
In the Proceedings of 1997 Pacific Northwest Software Quality Conference, October 27-29, 1997.

Building Software Recovery Assertions from Fault Injection Analysis (PS / PDF)
J. Voas
In Proceedings of COMPSAC'97, August 1997, Washington DC.

Predicting How Badly "Good" Software can Behave (PS)
J. Voas, F. Charron, G. McGraw, E. Miller, M. Friedman
IEEE Software, July 1997.

On the Uniformity of Error Propagation in Software (PS)
C. Michael and R. Jones
In Proceedings of COMPASS '97, June 1997.

Reusing Tests of Reusable Software Components (PS)
C. Michael
In Proceedings of COMPASS '97, June 1997.

Problems of Accuracy in the Prediction of Software Quality from Directed Tests (PS / PDF)
C. Michael, J. Voas
International Conference on Testing Computer Software, June 1997.

Fault-injection: A Crystal Ball for Software Quality (PS / PDF)
J. Voas, G. McGraw, L. Kassab, L. Voas
IEEE Computer, June 1997, Volume 30, Number 6, pp. 29-36.

Reducing Uncertainty About Common-Mode Failures (PS / PDF)
J. Voas, A. Ghosh, F. Charron, L. Kassab
Submitted to the 12th Annual Conference on Computer Assurance, June 16-20, 1997, Gaithersburg, MD.

A Few Assertions about Information Hiding (PS / PDF)
J. Voas
IEEE Software (Quality Time Column), March 1997.

Using Evolution Constraints to Assess the Failure-proneness of Evolving Software (PS)
C. Michael
Proceedings of the First Euromicro Working Conference on Software Maintenance and Reengineering (CSMR97), March 17-19, 1997, Berlin, Germany.

Reducing Uncertainty About Survivability (PS / PDF)
J. Voas, G. McGraw, A. Ghosh
Proc. of the 1997 Information Survivability Workshop, February 12-13, 1997, San Diego, CA

Software Fault-injection: Growing 'Safer' Systems (PS / PDF)
J. Voas
In Proc. of IEEE Aerospace Conference, February, 1997, Snowmass, CO.

On the Use of Process Information in Directed Testing (PS)
C. Michael
Software Quality Engineering '97.

Software Testability: Investing in Testing (PS / PDF)
J. Voas, K. Miller
Proceedings of EuroStar'96, Amsterdam, December, 1996.

Investigating Rare-Event Failure Tolerance: Reductions in Uncertainty (PS / PDF)
J. Voas, F. Charron, K. Miller
Proceedings of IEEE High-Assurance Systems Engineering Workshop (HASE'96), In conjunction with the 15th Symposium on Reliable Distributed Systems, Niagara-on-the-Lake, Canada, October, 1996.

Tolerant Software Interfaces: Can COTS-based Systems be Trusted Without Them? (PS / PDF)
J. Voas, F. Charron, K. Miller
Proceedings of the 15th Int'l. Conference on Computer Safety, Reliability, and Security (SAFECOMP'96), Vienna, October, 1996.

Automatic Generation of Test-Cases for Software Testing (PS / PDF)
G. McGraw, C. Michael
Proceedings of the 18th Annual Conference of the Cognitive Science Society, July 1996.

Untangling the Woven Web: Testing Web-based Software (PS / PDF)
G. McGraw, D. Hovemeyer
Proceedings of the 13th International Conference on Testing Computer Software (ICTCS), June 1996.

Substituting Voas's Testability Measure for Musa's Fault Exposure Ratio (PS / PDF)
J. Voas, K. Miller
Proceedings of the Int'l. Communications Conference, June, 1996, Dallas, TX.

Building a Java Software Engineering Tool for Testing Applets (PS / PDF)
A.S. Binns, G. McGraw
Proceedings of the IntraNet 96 NY Conference, April 8-10, 1996, New York City.

Defining an Adaptive Software Security Metric from a Dynamic Software Failure-tolerance Measure (PS / PDF)
J. Voas, G. McGraw, A.K. Ghosh, F. Charron, K. Miller
Proceedings of the 11th Annual Conference on Computer Assurance (COMPASS'96)

Detecting Program Modules with Low Testability (PS)
T.M. Khoshgoftaar, R.M. Szabo, J.M. Voas
Proceedings of ICSM'95, Nice, France, October, 1995.

Procedures for Reducing the Size of Coverage-based Test Sets (PS / PDF)
J. Offutt, J. Pan, J. Voas
Proceedings of 12th Int'l. Conf. on Testing Computer Software. Washington, DC. June, 1995.

Examining Fault-tolerance Using Unlikely Inputs: Turning the Test Distribution Up-side Down (PS / PDF)
J. Voas, K. Miller
Proceedings of COMPASS'95, Gaithersburg, MD June, 1995.

Software Testability Measurement for Assertion Injection and Fault Localization (PS / PDF)
J. Voas
Proceedings of 2nd Int'l. Workshop on Automated and Algorithmic Debugging (AADEBUG'95), St. Malo, France, May, 1995.

Software Testability: The New Verification (PS / PDF)
J. Voas, K. Miller
IEEE Software. May, 1995.

Software Testability: An Experiment in Measuring Simulation Reusability (PS)
J. Voas, J. Payne, R. Mills, J. McManus
Proceedings of ACM Sigsoft (SSR'95), Seattle, April 29-30.

Confidently Assessing a Zero Probability of Software Failure (PS)
J. Voas, C. Michael, K. Miller
High Integrity Systems Journal. Oxford University Press. 1(3):269-275, 1995.

Putting Assertions in Their Place (PS)
J. Voas, K. Miller
Proceedings of the Int'l. Symposium on Software Reliability Engineering, November 6-9, 1994, Monterey, CA.

A Comparison of a Dynamic Software Testability Metric to Static Cyclomatic Complexity (PS)
J. Voas, K. Miller, J. Payne
Proceedings of 2nd Int'l. Conf. on Software Quality Management, July, 1994, Edinburgh, Scotland, Publisher: Computational Mechanics Publications.

Dynamic Testability Analysis for Assessing Fault Tolerance (PS)
J. Voas, K. Miller
High Integrity Systems Journal. 1(2):171-178, 1994, Oxford University Press.

Formal Testability Analysis (PS)
J. Voas
In the Encyclopedia of Software Engineering, John Wiley & Sons, pp.517--518, 1994.

An Empirical Comparison of a Dynamic Software Testability Metric to Static Cyclomatic Complexity (PS / PDF)
J. Voas, K. Miller, J. Payne
Proceedings of the 18th Annual Software Engineering Workshop, December, 1993, NASA-Goddard Software Engineering Laboratory Series Report 93-003.

Confidently Assessing a Zero Probability of Software Failure (PS)
J. Voas, C. Michael, K. Miller
Proceedings of the 12th Int'l. Conf. on Computer Safety, Reliability, and Security, October, 1993, pp. 197-206, Poznan, Poland. Publisher: Springer-Verlag, ISBN 3-540-19838-5.

Software Testability and Its Application to Avionic Software (PS)
J. Voas, K. Miller, J. Payne
Proceedings of Computers in Aerospace 9, October, 1993, San Diego, CA. Publisher: AIAA.

Automating Test Case Generation for Coverages Required by FAA Standard DO-178B (PS)
J. Voas, K. Miller, J. Payne
Proceedings of Computers in Aerospace 9, October, 1993, San Diego, CA. Publisher: AIAA.

A Software Analysis Technique for Quantifying Reliability in High-Risk Medical Devices (PS / PDF)
J. Voas, K. Miller, J. Payne
Proceedings of the 6th IEEE Symposium on Computer-Based Medical Systems, June, 1993, Ann Arbor, MI.

Faults on Its Sleeve: Amplifying Software Reliability Testing (PS / PDF)
R. Hamlet, J. Voas
Proceedings of the ACM SIGSOFT Int'l. Symposium on Software Testing and Analysis, June, 1993, Cambridge, MA, Publisher: ACM.

Semantic Metrics for Software Testability (PS)
J. Voas, K. Miller
The Journal of Systems and Software, Elsevier Science Publishers Ltd. 20:207-216, March, 1993.

Applying a Dynamic Testability Technique to Debugging Certain Classes of Software Faults (PS / PDF)
J. Voas, K. Miller
Software Quality Journal, Chapman & Hall, March, 1993, p. 61-75.

A Framework for Defining Semantic Metrics (PS)
L. Morell, J. Voas
The Journal of Systems and Software, Elsevier Science Publishers Ltd. 20:245-251, March, 1993.

Designing Programs That are Less Likely to Hide Faults (PS / PDF)
J. Voas, K. Miller, J. Payne
The Journal of Systems and Software, Elsevier Science Publishers Ltd. 20:93-100, January, 1993.

Improving the Software Development Process Using Testability Research (PS / PDF)
J. Voas, K. Miller
Proceedings of the 3rd Int'l. Symp. on Softw. Reliability Engineering, p. 114--121, October, 1992, RTP, NC, Publisher: IEEE Computer Society.

Designing Programs that do not Hide Data State Errors During Random Black-Box Testing (PS)
J. Voas, K. Miller, R. Noonan
Proceedings of the 5th Int'l. Conf. on Putting Into Practice Methods and Tools for Information System Design, September, 1992, Nantes, France.

PIE: A Dynamic Failure-Based Technique (PS / PDF)
J. Voas
IEEE Trans. on Softw. Eng., 18(8):717--727, August, 1992.

Dynamic Testing Complexity Metric (PS / PDF)
J. Voas
Software Quality Journal, 1(2):101--114, Chapman & Hall, June, 1992.

PISCES: A Tool for Predicting Software Testability (PS / PDF)
J. Voas, K. Miller, J. Payne
Proceedings of the Symp. on Assessment of Quality Software Development Tools, May, 1992, p. 297-309, New Orleans, LA, IEEE Computer Society, ISBN: 0-8186-2620-8.

The Revealing Power of a Test Case (PS / PDF)
J. Voas, K. Miller
Journal of Software Testing, Verification, and Reliability, John Wiley and Sons, 2(1):25-42, May, 1992.

Factors that Affect Software Testability (PS / PDF)
J. Voas
Proceedings of the 9th Pacific Northwest Softw. Quality Conf., p. 235--247, October, 1991, Portland, OR. Publisher: Pacific Northwest Software Quality Conference, Inc.

A Dynamic Failure Model for Predicting the Impact that a Program Location has on the Program (PS / PDF)
J. Voas
Lecture Notes in Computer Science Series, Vol. 550: Proc. of the 3rd European Softw. Eng. Conf., p. 308--331, October, 1991, Italy, Publisher: Springer-Verlag, A. Van Lamsweerde and A. Fuggetta (Eds.).

Predicting Where Faults Can Hide From Testing (PS / PDF)
J. Voas, L. Morell, K. Miller
IEEE Software, 8(2):41--47, March 1991.

Fault Injection

An Approach to Identifying and Understanding Problematic COTS Components (PS / PDF)
G. Kapfhammer, C. Michael, J. Haddox, R. Coyler
Presented at ISACC 2000, The Software Risk Management Conference.

Techniques for Evaluating the Robustness of Windows NT Software (PDF / Word)
M. Schmid, A.K. Ghosh, F. Hill
To appear in the 2000 DARPA Information Survivability Conference & Exposition (DISCEX'00), January 2000, Hilton Head, SC.

An Approach to Testing COTS Software for Robustness to Operating System Exceptions and Errors (PS / PDF)
A.K. Ghosh, M. Schmid
To appear in the 1999 International Symposium on Software Reliability Engineering (ISSRE99), November 1-4, 1999, Boca Raton, FL.

Predicting When to Reboot "Continuously Operating" Embedded Software (HTML)
J. Voas, F. Charron
In proceedings of CONQUEST'99, September 1999, Nuremberg, Germany.

Inoculating Software for Survivability (PS / PDF)
A. Ghosh, J. Voas
Communications of the ACM, July 1999.

Data Generation Techniques for Automated Software Robustness Testing (PDF / Word)
M. Schmid, F. Hill
Sixteenth International Conference on Testing Computer Software (ICTCS'99)

Software Hazard Mining (PS / PDF)
J. Voas
For the IEEE Workshop on Application Specific Software Engineering and Technology (ASSET'99), March, 1999. Richardson, TX.

NetHose: A Tool for Finding Vulnerabilities in Network Stacks (PS / PDF)
A. Ghosh, F. Hill, M. Schmid
Short talk at the 1999 IEEE Security and Privacy Symposium, Oakland, CA, 1999.

Analyzing Software Sensitivity to Human Error (PS / PDF)
J. Voas
Failure and Lessons Learned in Information Technology Management - An International Journal 2(4), December, 1998.

Wrapping Windows NT Binary Executables for Failure Simulation (PS / PDF)
A.K. Ghosh, M. Schmid
Fast abstract to appear in the International Symposium on Software Reliability Engineering (ISSRE'98), November 4-7, 1998, Paderborn, GE.

Testing the Robustness of Windows NT Software (PS / PDF)
A.K. Ghosh, M. Schmid, and V. Shah
Experience report to appear in the International Symposium on Software Reliability Engineering (ISSRE'98), November 4-7, 1998, Paderborn, GE.

An Approach for Analyzing the Robustness of Windows NT Software (PS / PDF)
A. Ghosh, V. Shah, M. Schmid
Proceedings of the 21st National Information Systems Security Conference, October 5-8, 1998, p. 383-391. Crystal City, VA.

Error Propagation Analysis Studies in a Nuclear Research Code (PDF)
J. Voas, F. Charron, L. Beltracchi
In Proceedings of the 1998 IEEE Aerospace Conference, Snowmass, CO, March 1998.

Fault Injection for the Masses (PS / PDF)
J. Voas
IEEE Computer, December 1997.

Reducing Uncertainty About Common-Mode Failures (PS / PDF)
J. Voas, A. Ghosh, F. Charron, L. Kassab
In Proceedings of ISSRE, November 1997.

Simulating Specification Errors and Ambiguities in Systems Employing Diversity (PS / PDF)
J. Voas, L. Kassab
In the Proceedings of 1997 Pacific Northwest Software Quality Conference, October 27-29, 1997.

Predicting How Badly "Good" Software can Behave (PS)
J. Voas, F. Charron, G. McGraw, E. Miller, M. Friedman
IEEE Software, July 1997.

On the Uniformity of Error Propagation in Software (PS)
C. Michael and R. Jones
In Proceedings of COMPASS '97, June 1997.

Fault-injection: A Crystal Ball for Software Quality (PS / PDF)
J. Voas, G. McGraw, L. Kassab, L. Voas
IEEE Computer, June 1997, Volume 30, Number 6, pp. 29-36.

Reducing Uncertainty About Common-Mode Failures (PS / PDF)
J. Voas, A. Ghosh, F. Charron, L. Kassab
Submitted to the 12th Annual Conference on Computer Assurance, June 16-20, 1997, Gaithersburg, MD.

Reducing Uncertainty About Survivability (PS / PDF)
J. Voas, G. McGraw, A. Ghosh
Proc. of the 1997 Information Survivability Workshop, February 12-13, 1997, San Diego, CA

Software Fault-injection: Growing 'Safer' Systems (PS / PDF)
J. Voas
In Proc. of IEEE Aerospace Conference, February, 1997, Snowmass, CO.

Software Testability: Investing in Testing (PS / PDF)
J. Voas, K. Miller
Proceedings of EuroStar'96, Amsterdam, December, 1996.

Tolerant Software Interfaces: Can COTS-based Systems be Trusted Without Them? (PS / PDF)
J. Voas, F. Charron, K. Miller
Proceedings of the 15th Int'l. Conference on Computer Safety, Reliability, and Security (SAFECOMP'96), Vienna, October, 1996.

Substituting Voas's Testability Measure for Musa's Fault Exposure Ratio (PS / PDF)
J. Voas, K. Miller
Proceedings of the Int'l. Communications Conference, June, 1996, Dallas, TX.

Defining an Adaptive Software Security Metric from a Dynamic Software Failure-tolerance Measure (PS / PDF)
J. Voas, G. McGraw, A.K. Ghosh, F. Charron, K. Miller
Proceedings of the 11th Annual Conference on Computer Assurance (COMPASS'96)

Software Testability Measurement for Assertion Injection and Fault Localization (PS / PDF)
J. Voas
Proceedings of 2nd Int'l. Workshop on Automated and Algorithmic Debugging (AADEBUG'95), St. Malo, France, May, 1995.

Software Testability: The New Verification (PS / PDF)
J. Voas, K. Miller
IEEE Software. May, 1995.

Software Testability: An Experiment in Measuring Simulation Reusability (PS)
J. Voas, J. Payne, R. Mills, J. McManus
Proceedings of ACM Sigsoft (SSR'95), Seattle, April 29-30.

Dynamic Testability Analysis for Assessing Fault Tolerance (PS)
J. Voas, K. Miller
High Integrity Systems Journal. 1(2):171-178, 1994, Oxford University Press.

Formal Testability Analysis (PS)
J. Voas
In the Encyclopedia of Software Engineering, John Wiley & Sons, pp.517--518, 1994.

Software Testability and Its Application to Avionic Software (PS)
J. Voas, K. Miller, J. Payne
Proceedings of Computers in Aerospace 9, October, 1993, San Diego, CA. Publisher: AIAA.

Semantic Metrics for Software Testability (PS)
J. Voas, K. Miller
The Journal of Systems and Software, Elsevier Science Publishers Ltd. 20:207-216, March, 1993.

Applying a Dynamic Testability Technique to Debugging Certain Classes of Software Faults (PS / PDF)
J. Voas, K. Miller
Software Quality Journal, Chapman & Hall, March, 1993, p. 61-75.

Improving the Software Development Process Using Testability Research (PS / PDF)
J. Voas, K. Miller
Proceedings of the 3rd Int'l. Symp. on Softw. Reliability Engineering, p. 114--121, October, 1992, RTP, NC, Publisher: IEEE Computer Society.

PIE: A Dynamic Failure-Based Technique (PS / PDF)
J. Voas
IEEE Trans. on Softw. Eng., 18(8):717--727, August, 1992.

PISCES: A Tool for Predicting Software Testability (PS / PDF)
J. Voas, K. Miller, J. Payne
Proceedings of the Symp. on Assessment of Quality Software Development Tools, May, 1992, p. 297-309, New Orleans, LA, IEEE Computer Society, ISBN: 0-8186-2620-8.

Factors that Affect Software Testability (PS / PDF)
J. Voas
Proceedings of the 9th Pacific Northwest Softw. Quality Conf., p. 235--247, October, 1991, Portland, OR. Publisher: Pacific Northwest Software Quality Conference, Inc.

Predicting Where Faults Can Hide From Testing (PS / PDF)
J. Voas, L. Morell, K. Miller
IEEE Software, 8(2):41--47, March 1991.

Test Data Generation

Testing Commercial-off-the-Shelf Software Components (Word)
J. Haddox, G. Kapfhammer, C. Michael, M. Schatz
Proceedings of the 18th International Conference and Exposition on Testing.

Automated Software Test Data Generation for Complex Programs (PS / PDF)
G. McGraw and C. Michael
Proceedings of the 13th IEEE Automated Software Engineering Conference, October 13-16, 1998, Honolulu, Hawaii.

Genetic Algorithms for Dynamic Test Data Generation (PS / PDF)
C. Michael, G. McGraw, M. Schatz, and C. Walton
In Proceedings of IEEE International Automated Software Engineering Conference (ASE97), November 3-5, 1997.

Building Software Recovery Assertions from Fault Injection Analysis (PS / PDF)
J. Voas
In Proceedings of COMPSAC'97, August 1997, Washington DC.

Automatic Generation of Test-Cases for Software Testing (PS / PDF)
G. McGraw, C. Michael
Proceedings of the 18th Annual Conference of the Cognitive Science Society, July 1996.

General

Software Penetration Testing (PDF)
B. Arkin, S. Stender, G. McGraw
IEEE Security & Privacy (Jan/Feb 2005)

Deriving Accurate Operational Profiles for Mass-Marketed Software (PS / PDF)
J. Voas
Submitted to 4th International Conference on Empirical Assessment & Evaluation in Software (EASE 2000).

Can Chaotic Methods Actually Improve Software Quality Predictions? (PS / PDF)
J. Voas
IEEE Software, to appear in 2000.

Wrapping Windows NT Software for Robustness (PS / PDF)
A. Ghosh, M. Schmid, F. Hill
To appear in Proceedings of the 29th International Fault Tolerant Computer Symposium (FTCS-29), June 15-18, 1999, Madison, WI.

Quality Meets the CEO (PDF)
J. Payne
Software Testing & Quality Engineering, May/June 1999 (Vol. 1, Iss. 3)

Using Assertions to Make Untestable Software More Testable (PS / PDF)
J. Voas, L. Kassab
Software Quality Professional.

OTS Software Failures: Can Anything be Done? (PS / PDF)
J. Voas, J. Payne
In Proceedings of the First IEEE Workshop on Application Specific Software Engineering and Technology (ASSET'98), March, 1998, Dallas

Reusing Tests of Reusable Software Components (PS)
C. Michael
In Proceedings of COMPASS '97, June 1997.

Problems of Accuracy in the Prediction of Software Quality from Directed Tests (PS / PDF)
C. Michael, J. Voas
International Conference on Testing Computer Software, June 1997.

A Few Assertions about Information Hiding (PS / PDF)
J. Voas
IEEE Software (Quality Time Column), March 1997.

Using Evolution Constraints to Assess the Failure-proneness of Evolving Software (PS)
C. Michael
Proceedings of the First Euromicro Working Conference on Software Maintenance and Reengineering (CSMR97), March 17-19, 1997, Berlin, Germany.

On the Use of Process Information in Directed Testing (PS)
C. Michael
Software Quality Engineering '97.

Investigating Rare-Event Failure Tolerance: Reductions in Uncertainty (PS / PDF)
J. Voas, F. Charron, K. Miller
Proceedings of IEEE High-Assurance Systems Engineering Workshop (HASE'96), In conjunction with the 15th Symposium on Reliable Distributed Systems, Niagara-on-the-Lake, Canada, October, 1996.

Untangling the Woven Web: Testing Web-based Software (PS / PDF)
G. McGraw, D. Hovemeyer
Proceedings of the 13th International Conference on Testing Computer Software (ICTCS), June 1996.

Building a Java Software Engineering Tool for Testing Applets (PS / PDF)
A.S. Binns, G. McGraw
Proceedings of the IntraNet 96 NY Conference, April 8-10, 1996, New York City.

Detecting Program Modules with Low Testability (PS)
T.M. Khoshgoftaar, R.M. Szabo, J.M. Voas
Proceedings of ICSM'95, Nice, France, October, 1995.

Procedures for Reducing the Size of Coverage-based Test Sets (PS / PDF)
J. Offutt, J. Pan, J. Voas
Proceedings of 12th Int'l. Conf. on Testing Computer Software. Washington, DC. June, 1995.

Examining Fault-tolerance Using Unlikely Inputs: Turning the Test Distribution Up-side Down (PS / PDF)
J. Voas, K. Miller
Proceedings of COMPASS'95, Gaithersburg, MD June, 1995.

Confidently Assessing a Zero Probability of Software Failure (PS)
J. Voas, C. Michael, K. Miller
High Integrity Systems Journal. Oxford University Press. 1(3):269-275, 1995.

Putting Assertions in Their Place (PS)
J. Voas, K. Miller
Proceedings of the Int'l. Symposium on Software Reliability Engineering, November 6-9, 1994, Monterey, CA.

A Comparison of a Dynamic Software Testability Metric to Static Cyclomatic Complexity (PS)
J. Voas, K. Miller, J. Payne
Proceedings of 2nd Int'l. Conf. on Software Quality Management, July, 1994, Edinburgh, Scotland, Publisher: Computational Mechanics Publications.

An Empirical Comparison of a Dynamic Software Testability Metric to Static Cyclomatic Complexity (PS / PDF)
J. Voas, K. Miller, J. Payne
Proceedings of the 18th Annual Software Engineering Workshop, December, 1993, NASA-Goddard Software Engineering Laboratory Series Report 93-003.

Confidently Assessing a Zero Probability of Software Failure (PS)
J. Voas, C. Michael, K. Miller
Proceedings of the 12th Int'l. Conf. on Computer Safety, Reliability, and Security, October, 1993, pp. 197-206, Poznan, Poland. Publisher: Springer-Verlag, ISBN 3-540-19838-5.

Automating Test Case Generation for Coverages Required by FAA Standard DO-178B (PS)
J. Voas, K. Miller, J. Payne
Proceedings of Computers in Aerospace 9, October, 1993, San Diego, CA. Publisher: AIAA.

A Software Analysis Technique for Quantifying Reliability in High-Risk Medical Devices (PS / PDF)
J. Voas, K. Miller, J. Payne
Proceedings of the 6th IEEE Symposium on Computer-Based Medical Systems, June, 1993, Ann Arbor, MI.

Faults on Its Sleeve: Amplifying Software Reliability Testing (PS / PDF)
R. Hamlet, J. Voas
Proceedings of the ACM SIGSOFT Int'l. Symposium on Software Testing and Analysis, June, 1993, Cambridge, MA, Publisher: ACM.

A Framework for Defining Semantic Metrics (PS)
L. Morell, J. Voas
The Journal of Systems and Software, Elsevier Science Publishers Ltd. 20:245-251, March, 1993.

Designing Programs That are Less Likely to Hide Faults (PS / PDF)
J. Voas, K. Miller, J. Payne
The Journal of Systems and Software, Elsevier Science Publishers Ltd. 20:93-100, January, 1993.

Designing Programs that do not Hide Data State Errors During Random Black-Box Testing (PS)
J. Voas, K. Miller, R. Noonan
Proceedings of the 5th Int'l. Conf. on Putting Into Practice Methods and Tools for Information System Design, September, 1992, Nantes, France.

Dynamic Testing Complexity Metric (PS / PDF)
J. Voas
Software Quality Journal, 1(2):101--114, Chapman & Hall, June, 1992.

The Revealing Power of a Test Case (PS / PDF)
J. Voas, K. Miller
Journal of Software Testing, Verification, and Reliability, John Wiley and Sons, 2(1):25-42, May, 1992.

A Dynamic Failure Model for Predicting the Impact that a Program Location has on the Program (PS / PDF)
J. Voas
Lecture Notes in Computer Science Series, Vol. 550: Proc. of the 3rd European Softw. Eng. Conf., p. 308--331, October, 1991, Italy, Publisher: Springer-Verlag, A. Van Lamsweerde and A. Fugetta (Eds.).

Certification

Limited Software Warranties (PS / PDF)
J. Voas
To be presented at ECBS 2000, April 2000.

"User Participation"-Based Software Certification (PS / PDF / Word)
J. Voas
To appear in IEEE Computer, early 2000.

Dependability Certification of Software Components (PS / PDF)
J. Voas and J. Payne
Journal of Systems and Software, 2000.

Third-Party Usage Profiling: A Model for Optimizing the Mass-Marketed Software Industry (PS / PDF)
J. Voas
Submitted to IEEE Software.

A Recipe for Certifying High Assurance Software (PS / PDF)
J. Voas
IEEE Software, July 1999.

User Participation-Based Software Certification (PS / PDF)
J. Voas
In proceedings of Eurovav'99, Oslo, Norway, June 1999.

The Software Quality Certification Triangle (PS / PDF / HTML)
J. Voas
Crosstalk, November, 1998.

An Approach for Certifying Security in Software Components (PS / PDF)
A. Ghosh, G. McGraw
Proceedings of the 21st National Information Systems Security Conference, October 5-8, 1998, Crystal City, VA.

An Approach to Certifying Off-the-Shelf Software Components (PS / PDF)
J. Voas
IEEE Computer, June, 1998.

Defensive Approaches to Testing Systems that Contain COTS and Third-Party Functionality (PS / PDF)
J. Voas
In Proc. of 15th Int'l. Conference and Exposition on Testing Computer Software, June, 1998.

Software Certification Laboratories? (PS / PDF)
J. Voas
Crosstalk, April 1998.

A Defensive Approach to Testing Systems that Contain COTS and Third-Party Functionality (PS / PDF)
J. Voas
In the Proceedings AQUIS '98, Venice, April 1998.

Certifying Y2K 'Fixes' (PS / PDF)
J. Voas
Crosstalk, January 1998.

Safety

Software Hazard Mining (PS / PDF)
J. Voas
For the IEEE Workshop on Application Specific Software Engineering and Technology (ASSET'99), March, 1999. Richardson, TX.

An Automated Code-based Fault-tree Mitigation Technique (PS / PDF)
J. Voas, K. Miller
Proceedings of 14th Int'l. Conf. on Computer Safety, Security, and Reliability. Italy, October, 1995.

Predicting Software's Minimum-time-to-hazard and Mean-time-to-hazard for Rare Input Events (PS / PDF)
J. Voas, K. Miller
Proceedings of the 6th Int'l. Symp. on Softw. Reliability Engineering, 1995, Publisher: IEEE Computer Society.

Dynamic Testability Analysis for Software Safety (PS)
J. Voas, K. Miller, J. Payne
Proceedings of the 2nd IASTED Int'l. Conf. on Reliability, Quality Control and Risk Assessment, October, 1993, Cambridge, MA, Publisher: IASTED-ACTA Press, ISBN: 0-88986-181-1.

Miscellaneous

Software Malleability: We're Losing It! (PDF)
J. Voas
In the proceedings of the 2nd Annual Systems Engineering and Supportability Conference, September 1999, San Diego, CA.

This Decade's Eight Greatest Myths About Software Quality (PS / PDF)
J. Voas
IEEE Software, July 1999.

A Government-Controlled United States Software/IT Industry? (PS / PDF)
J. Voas
IEEE Software, May 1999.

Can Critical Information Infrastructure Protection be Achieved with Untested Software? (PS / PDF)
J. Voas
IEEE Software, March 1999.

Disposable Information Systems: The Future of Software Maintenance? (PS / PDF)
J. Voas
Journal of Software Maintenance, March 1999.

Protecting Against What? The Achilles Heel of Information Assurance (PDF)
J. Voas
IEEE Software, January 1999.

Will Software Failures Halt the Availability of Business Insurance? (PS / PDF)
J. Voas
International Symposium on Software Reliability Engineering (ISSRE'98), November 4-7, 1998, Paderborn, GE.

Massive Games of Artificial Life on the Internet: A Testbed for Research on Survivability Architectures (Word)
G. McGraw, K. Sullivan
Proceedings of the Information Survivability Workshop, October 28-30 1998, Orlando, FL.

Studying Behavior to Unlock the Truth About Quality
J. Voas
Cutter IT Journal, September, 1998 (Volume 11, Number 9), p. 7-11.

Maintaining Component-based Systems (PS / PDF)
J. Voas
IEEE Software, July, 1998.

Independent Software Measurement's Role in the Liability Puzzle (PS / PDF)
J. Voas
In the Proceedings of the European Software Measurement Conference, Antwerp, Belgium, May 1998.

COTS: The Economical Choice? (PS)
J. Voas
IEEE Software (Manager Column), March 1998.

The Ability of Directed Tests to Predict Software Quality (PS)
C. Michael, J. Voas
In Annals of Software Engineering, August 1997.

Can Clean Pipes Produce Dirty Water? (PS / PDF)
J. Voas
IEEE Software (Quality Time Column), July 1997.

Glueing Together Software Components: How Good is Your Glue? (PS / PDF)
J. Voas, A. Ghosh, G. McGraw, K. Miller
Proceedings of Pacific Northwest Software Quality Conference, October, 1996.

Emergent Letter Perception: Implementing the Role Hypothesis (PS / PDF)
G. McGraw, D. Hofstadter
Proceedings of the 18th Annual Conference of the Cognitive Science Society, July 1996.

Testing Software for Characteristics Other than Correctness: Safety, Failure-tolerance, and Security (PS / PDF)
J. Voas
Proceedings of the Int'l. Conf. on Testing Computer Software.

Using Fault Injection to Assess Software Engineering Standards (PS / PDF)
J. Voas, K. Miller
Proceedings of Int'l. Symp. on Software Engineering Standards, August, 1995.

A Model for Detecting the Existence of Software Corruption in Real Time (PS / PDF)
J. Voas, J. Payne, F. Cohen
Computers and Security J., 11(8), Elsevier Science Publishers Ltd. 1993.

A Model for Assessing the Liability of Seemingly Correct Software (PS / PDF)
J. Voas, L. Voas, K. Miller
Proceedings of the IASTED Int'l. Conf. on Reliability, Quality Control and Risk Assessment, p. 32--35, November, 1992, Washington, D.C, Publisher: IASTED-ACTA Press, ISBN: 0-88986-171-4.


