Algorithm for Optimal and Complete Testing of Software and Hardware Data Security Tools

Abstract

The paper considers the disadvantages of existing approaches to testing software and hardware data security tools in order to confirm compliance of the implemented functionality with the declared characteristics. It demonstrates the necessity of ensuring completeness and optimality of testing. The paper describes some testing approaches based on the development of mathematical models using the automata theory and ensuring completeness of testing, but leaving the question of its optimality open. It describes the approach proposed earlier by the authors, which ensures both completeness and optimality of testing using the graph theory. In accordance with this approach, the software and hardware data security tool is represented as a directed graph without loops or multiple edges. The graph vertices correspond to the states of the software or hardware component, and the directed edges correspond to the transitions of the data security tool from one state to another when performing non-target functions or security functions. On the basis of this approach, the authors propose an algorithm for solving the problem of testing software and hardware data security tools using a number of well-known algorithms on graphs. In the paper, it is substantiated that a solution to the problem of ensuring completeness and optimality of testing exists if and only if any vertex of the derived graph obtained by removing all unused vertices and edges either belongs to a directed chain or lies in a strongly connected component. Application of the proposed algorithm for solving the problem of testing one of the software and hardware security tools is considered, and the possibility of its application in practice is confirmed.