Combinatorial Testing for Cybersecurity and Reliability
David R. Kuhn, Raghu N. Kacker, Larry Feldman, Gregory A. Witte
This bulletin focuses on NIST's combinatorial testing work. Combinatorial testing is a proven method for more effective software testing at lower cost. The key insight underlying combinatorial testing's effectiveness resulted from a series of studies by NIST from 1999 to 2004. NIST research showed that most software bugs and failures are caused by one or two parameters, with progressively fewer by three or more.