commoncriteria / application

Protection Profile for Application Software
The Unlicense

beef up robustness testing activity per FSO and Aerospace comments #48

Closed jeffblank closed 10 years ago

jeffblank commented 10 years ago

Need to add more info about robustness testing, to include providing invalid inputs.

Could also add some kind of casual inspection of battery usage, to placate those obsessed with battery usage as a security indicator.

bourdett commented 10 years ago

Are invalid inputs considered 'normal usage'? The requirements say the app should be robust under normal usage.

Invalid inputs sound more like fuzzing and black-box testing, which I'm all in favor of, but it is probably not considered normal usage.

zsmi commented 10 years ago

I think the application should be at least robust enough that if a user enters an incorrect username/password, etc., it doesn't crash. I don't think the testers should be fuzzing, though.

zsmi commented 10 years ago

We've removed the robustness requirements and tests, so I'm closing this issue.