Term:Security Fault Injection Test

From FISMApedia
Jump to: navigation, search

NIST SP 800-95

Security Fault Injection Test - Involves data perturbation (i.e., alteration of the type of data the execution environment components pass to the application, or that the application's components pass to one another). Fault injection can reveal the effects of security defects on the behavior of the components themselves and on the application as a whole. (Department of Homeland Security, Security in the Software Lifecycle: Making Software Development Processes-and Software Produced by Them-More Secure Version 1.0, https://buildsecurityin.us- cert.gov)