Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Combinatorial Testing for Cybersecurity and Reliability



David R. Kuhn, Raghu N. Kacker, Larry Feldman, Gregory A. Witte


This bulletin focuses on NIST's combinatorial testing work. Combinatorial testing is a proven method for more effective software testing at lower cost. The key insight underlying combinatorial testing's effectiveness resulted from a series of studies by NIST from 1999 to 2004. NIST research showed that most software bugs and failures are caused by one or two parameters, with progressively fewer by three or more.
ITL Bulletin - May 2016
Report Number
May 2016


algorithms, combinatorial testing, constraints, covering array, software testing, test suite


Kuhn, D. , Kacker, R. , Feldman, L. and Witte, G. (2016), Combinatorial Testing for Cybersecurity and Reliability, ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], (Accessed April 15, 2024)
Created May 12, 2016, Updated February 19, 2017