On Software Unit Testing for Improving Security and Performance of Distributed Applications

Abstract

Performance and security are software (SW) application attributes situated on the opposite corners of system design. In the most drastic example the most secure component is the one totally isolated from the outside world, with communication performance reduced to zero level (e.g. disconnected physically from the network, placed inside a Faraday cage to eliminate possible wireless accessibility). On the other hand the most performance-optimized system is the one with all security rules taken off. Obviously such extreme implementations cannot be accepted, thus a reasonable trade-off between security and performance is desired, starting from the appropriate design, resulting in the adequate implementation, confirmed by security and performance testing in production environment. Unit testing (UT) is a well-know method of examining the smallest portion of SW application source code – units: methods, classes, interfaces in order to verify whether they behave as designed. Ideally, each UT test case is separated from others, taking advantage of stubs and mocks to provide full isolation from external test factors. This paper is an extension to research about joint security testing and performance testing for improving quality of distributed applications working in public-private network environments,addressing SW quality assessment at different, unit test level.