Search Publications

Displaying 2426 - 2450 of 9852

Narrow Spectrum Software Testing Addressing Complexity and Trust

April 9, 2020
Author(s)
David R. Kuhn, Mohammad Raunak
Combination coverage based testing supplements basic structural coverage based test selection. This provides a sound test engineering method with defensible, quantitative measures of test completeness.

Input Space Coverage Matters

January 15, 2020
Author(s)
David R. Kuhn, Raghu N. Kacker, Yu Lei, Dimitris Simos
Testing is the most commonly used approach for software assurance, yet it remains as much judgement and art as science. Structural coverage adds some rigor to the process by establishing formally defined criteria for some notion of test completeness, but

Opaque Wrappers and Patching: Negative Results

November 21, 2019
Author(s)
Paul E. Black, Monika Singh
When a patch is released for buggy software, bad actors may be able to analyze the patch and create an attack on unpatched machines. A wrapper could block attacking inputs, but it, too, gives attackers critical information. An opaque wrapper hides such

Rethinking Distributed Ledger Technology

March 20, 2019
Author(s)
David R. Kuhn, Dylan J. Yaga, Jeffrey M. Voas
Blockchains were designed to solve the problem of double-spending in cryptocurrencies, and the success of the Bitcoin design has generated vastly more interest than previous proposals for digital currencies. Blockchains are being used in other areas as

No Phishing beyond This Point

June 27, 2018
Author(s)
Kristen Greene, Michelle P. Steves, Mary F. Theofanos
As phishing continues to evolve, what is your organization doing to stay off the hook?

Alexa, Can I Trust You?

September 29, 2017
Author(s)
Judy Chung, Michaela Iorga, Jeff Voas, Sangjin Lee
Security diagnostics expose vulnerabilities and privacy threats that exist in commercial Intelligent Virtual Assistants (IVA)-- diagnostics offer the possibility of securer IVA ecosystems. This paper explores security and privacy concerns with these

What Happened to Software Metrics?

May 25, 2017
Author(s)
Jeffrey M. Voas, David R. Kuhn
In the 1980's, the software quality community was all 'a buzz' with seemingly endless 'potential' approaches for producing higher quality software. At the forefront of that was software metrics, along with the corresponding software testing techniques and

Combinatorial Methods in Security Testing

October 20, 2016
Author(s)
Dimitris Simos, D. Richard Kuhn, Artemios Voyiatzis, Raghu N. Kacker
This article introduces combinatorial testing-based approaches for security testing and presents case studies and experiences. The success of the presented research program motivates further intensive research on the field of combinatorial security testing

Entropy as a Service: Unlocking Cryptography's Full Potential

September 7, 2016
Author(s)
Apostol T. Vassilev, Robert L. Staples
Securing the Internet of Things (IoT) requires strong cryptography, which depends on the availability of good entropy for generating unpredictable keys and accurate clocks. Attacks abusing weak keys or old inputs portend challenges for IoT. EaaS is a novel

Whatever Happened to Formal Methods for Security?

August 23, 2016
Author(s)
Kim B. Schaffer, Jeffrey M. Voas
We asked 7 experts 7 questions to find out what has occurred recently in terms of applying formal methods (FM) to security-centric, cyber problems. We were curious as to whether this successful methodology in "safety-critical" has succeeded as well for

Demystifiying the Internet of Things

June 27, 2016
Author(s)
Jeffrey M. Voas
This short column introduces the need for a foundational science to the Internet of Things (IoT). It introduces the notion of primitives and elements, and their relationship to trustworthiness.

Metamorphic Testing for Cybersecurity

June 27, 2016
Author(s)
Tsong Yueh Chen, Fei-Ching Kuo, Wenjuan Ma, Willy Susilo, Dave Towey, Jeff Voas, Zhi Q. Zhou
Testing is a major approach for the detection of software defects, including security vulnerabilities. This article introduces metamorphic testing (MT), a relatively new testing method, and discusses how the new perspective of MT can help to conduct

Insights on Formal Methods of Cybersecurity

May 27, 2016
Author(s)
Jeffrey M. Voas, Kim B. Schaffer
We asked 7 experts 1 simple question to find out what has occurred recently in terms of applying formal methods (FM) to security-centric, cyber problems: Please summarize in a paragraph the state of the research and practitioner communities in formal

Third-Party Software's Trust Quagmire

December 18, 2015
Author(s)
Jeffrey M. Voas, George Hurlburt
Integrating software developed by third-party organizations into a larger system raises concerns about the software's quality, origin, functionality, security, and interoperability. Addressing these concerns requires rethinking the roles of software's

Expanding Continuous Authentication with Mobile Devices

November 13, 2015
Author(s)
Kim B. Schaffer
Continuous Authentication has been around but has been met with several limitations. Recent developments in mobile platforms are providing relief for many of these limitations as they take advantage of multiple sensors and sufficient processing power for

Introducing Combinatorial Testing in a Large Organization

April 23, 2015
Author(s)
Jon Hagar, Thomas Wissink, D. Richard Kuhn, Raghu N. Kacker
A two-year study of eight pilot projects to introduce combinatorial testing in a large aerospace corporation found that the new methods were practical, significantly lowered development costs, and improved test coverage by 20 to 50 percent.

The IEEE VSSC/1622: Voting System Standards

September 15, 2014
Author(s)
John P. Wack
This article presents an overview of the IEEE VSSC/1622 and its working groups. It contains information as to why a common data format for voting systems is needed and how VSSC/1622 standards will improve voting system operations and use. It contains

The Importance of Entropy to Information Security

February 3, 2014
Author(s)
Apostol T. Vassilev, Timothy Hall
The strength of cryptographic keys is an active challenge in academic research and industrial practice. In this paper we discuss entropy as a fundamentally important concept for generating hard-to-guess, i.e., strong, cryptographic keys and outline the

Testing the Nations Health care Information Infrastructure

November 10, 2012
Author(s)
Kevin G. Brady, Ram D. Sriram, Bettijoyce B. Lide, Kathleen M. Roberts
According to a report by the Center for Medicare and Medicaid Services [CMS] (http://www.cms.gov), the United States spent nearly $2.6 trillion dollars on health care in 2010. It is estimated that this will nearly double by the end of this decade. This is

The Juliet 1.1 C/C++ and Java Test Suite

October 1, 2012
Author(s)
Frederick E. Boland Jr., Paul E. Black
The Juliet Test Suite 1.1 is a collection of over 81,000 synthetic C/C++ and Java programs with known flaws. These programs are useful as test cases for testing the effectiveness of static analyzers and other software assurance tools, and are in the public

Improving Face Recognition Technology

March 9, 2011
Author(s)
P J. Phillips
US-government sponsored evaluations and challenge problems have helped spur over two-orders-of-magnitude improvement in face recognition system performance.

Combinatorial Software Testing

August 7, 2009
Author(s)
David R. Kuhn, Raghu N. Kacker, Yu Lei, Justin Hunter
Developers of large data-intensive software often notice an interesting - though not surprising - phenomenon: when usage of an application jumps dramatically, components that have operated for months without trouble suddenly develop previously undetected