Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications by: D. Richard Kuhn (Fed)

Search Title, Abstract, Conference, Citation, Keyword or Author
Displaying 1 - 25 of 181

AI Assurance for the Public -- Trust but Verify, Continuously

October 3, 2022
Phillip Laplante, D. Richard Kuhn
Artificial intelligence (AI) systems are increasingly seen in many public facing applications such as self-driving land vehicles, autonomous aircraft, medical systems and financial systems. AI systems should equal or surpass human performance, but given

Ordered t-way Combinations for Testing State-based Systems

June 13, 2022
D. Richard Kuhn, M S Raunak, Raghu N. Kacker
Fault detection often depends on the specific order of inputs that establish states which eventually lead to a failure. However, beyond basic structural coverage metrics, it is often difficult to determine if code has been exercised sufficiently to ensure

A Data Structure for Integrity Protection with Erasure Capability

May 20, 2022
D. Richard Kuhn
This document describes a data structure, referred to as a data block matrix, that supports the ongoing addition of hash-linked records while also allowing for the deletion of arbitrary records, thereby preserving hash-based integrity assurance that other

A Pseudo Exhaustive Software Testing Framework for Embedded Digital Devices in Nuclear Power

June 14, 2021
Athira Jayakumar, D. Richard Kuhn, Brandon Simons, Aidan Collins, Smitha Gautham, Richard Hite, Raghu N. Kacker, Abhi Rajagopala, Carl Elks
The major challenge faced by the nuclear industry related to software testing of digital embedded devices is the identification of practical software (SW) testing solutions that provide a strong technical basis and is at the same time effective in

Combinatorially XSSing Web Application Firewalls

April 12, 2021
Bernhard Garn, Daniel S. Lang, Manuel Leithner, D. Richard Kuhn, Raghu N. Kacker, Dimitris Simos
Cross-Site scripting (XSS) is a common class of vulnerabilities in the domain of web applications. As it remains prevalent despite continued efforts by practitioners and researchers, site operators often seek to protect their assets using web application

Combinatorial Testing Metrics for Machine Learning

April 12, 2021
Erin Lanus, Laura Freeman, D. Richard Kuhn, Raghu N. Kacker
This short paper defines a combinatorial coverage metric for comparing machine learning (ML) data sets and proposes the differences between data sets as a function of combinatorial coverage. The paper illustrates its utility for evaluating and predicting

Combinatorial Test Generation for Multiple Input Models with Shared Parameters

March 17, 2021
Chang Rao, Nan Li, Yu Lei, Jin Guo, YaDong Zhang, Raghu N. Kacker, D. Richard Kuhn
Combinatorial testing typically considers a single input model and creates a single test set that achieves t-way coverage. This paper addresses the problem of combinatorial test generation for multiple input models with shared parameters. We formally

A Trusted Federated System to Share Granular Data Among Disparate Database Resources

March 15, 2021
Joanna DeFranco, David F. Ferraiolo, D. Richard Kuhn, Joshua D. Roberts
Sharing data between different organizations is a challenge primarily due to database management systems (DBMSs) being different types that impose different schemas to represent and retrieve data. In addition, maintaining security and privacy is a concern

Combinatorial Methods for Explainable AI

October 24, 2020
David R. Kuhn, Raghu N. Kacker, Yu Lei, Dimitris Simos
This paper introduces an approach to producing explanations or justifications of decisions made by artificial intelligence and machine learning (AI/ML) systems, using methods derived from fault location in combinatorial testing. We use a conceptually

Vulnerability Trends in Web Servers and Browsers

September 11, 2020
M S Raunak, D. Richard Kuhn, Raghu N. Kacker, Richard Kogut
In previous work we have looked at trends in vulnerabilities due to ordinary programming errors [2, 3]. This analysis focuses on two of the most widely used types of software in today's internet, web browsers and web servers. In addition to reports of

Effectiveness of dataset reduction in testing machine learning algorithms

August 25, 2020
Raghu N. Kacker, David R. Kuhn
Abstract— Many machine learning algorithms examine large amounts of data to discover insights from hidden patterns. Testing these algorithms can be expensive and time-consuming. There is a need to speed up the testing process, especially in an agile

Aggregating Atomic Clocks for Time-Stamping

August 3, 2020
Temur Saidkhodjaev, Jeff Voas, D. Richard Kuhn, Joanna DeFranco, Phil Laplante
A timestamp is a critical component in many applications, such as proof of transaction ordering or analyzing algorithm performance. This paper reports on a method called Verified Timestamping (VT) that improves the standard timestamp protocol. VT was

Narrow Spectrum Software Testing Addressing Complexity and Trust

April 9, 2020
David R. Kuhn, Mohammad Raunak
Combination coverage based testing supplements basic structural coverage based test selection. This provides a sound test engineering method with defensible, quantitative measures of test completeness.

Input Space Coverage Matters

January 15, 2020
David R. Kuhn, Raghu N. Kacker, Yu Lei, Dimitris Simos
Testing is the most commonly used approach for software assurance, yet it remains as much judgement and art as science. Structural coverage adds some rigor to the process by establishing formally defined criteria for some notion of test completeness, but

Low-Power Wide Area Networks (LPWAN) for Communications of Mobile Sensor Data

September 10, 2019
Sebastian Barillaro, Sokwoo Rhee, Raghu N. Kacker, Mark L. Badger, David R. Kuhn, Gustavo Escudero
There are multiple options for communication of data to and from mobile sensors. For tracking systems, Global Navigation Satellite System (GNSS) is often used for localization and mobile- phone technologies are used for transmission of data. Low-power wide

Guide to Attribute Based Access Control (ABAC) Definition and Considerations

August 2, 2019
Chung Tong Hu, David F. Ferraiolo, David R. Kuhn, Adam Schnitzer, Kenneth Sandlin, Robert Miller, Karen Scarfone
[Includes updates as of August 2, 2019] This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical access control methodology where authorization to perform a set of operations is determined by

Improving MC/DC and Fault Detection Strength Using Combinatorial Testing

July 25, 2019
D. Richard Kuhn, Raghu N. Kacker
Software, in many different fields and tasks, has played a critical role and even replaced humans to improve efficiency and safety. However, catastrophic consequences can be caused by implementation bugs and design defects. MC/DC (Modified Condition

Attribute Considerations for Access Control Systems

June 18, 2019
Chung Tong Hu, David F. Ferraiolo, David Kuhn
Attribute-based access control systems rely upon attributes to not only define access control policy rules but also enforce the access control. Attributes need to be established, issued, stored, and managed under an authority. Attributes shared across