Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Publications

Search Publications by

D. Richard Kuhn (Fed)

Search Title, Abstract, Conference, Citation, Keyword or Author
Displaying 1 - 25 of 174

A Data Structure for Integrity Protection with Erasure Capability

May 20, 2022
Author(s)
D. Richard Kuhn
This document describes a data structure, referred to as a data block matrix, that supports the ongoing addition of hash-linked records while also allowing for the deletion of arbitrary records, thereby preserving hash-based integrity assurance that other

A Pseudo Exhaustive Software Testing Framework for Embedded Digital Devices in Nuclear Power

June 14, 2021
Author(s)
Athira Jayakumar, D. Richard Kuhn, Brandon Simons, Aidan Collins, Smitha Gautham, Richard Hite, Raghu N. Kacker, Abhi Rajagopala, Carl Elks
The major challenge faced by the nuclear industry related to software testing of digital embedded devices is the identification of practical software (SW) testing solutions that provide a strong technical basis and is at the same time effective in

Combinatorial Testing Metrics for Machine Learning

April 12, 2021
Author(s)
Erin Lanus, Laura Freeman, D. Richard Kuhn, Raghu N. Kacker
This short paper defines a combinatorial coverage metric for comparing machine learning (ML) data sets and proposes the differences between data sets as a function of combinatorial coverage. The paper illustrates its utility for evaluating and predicting

Combinatorially XSSing Web Application Firewalls

April 12, 2021
Author(s)
Bernhard Garn, Daniel S. Lang, Manuel Leithner, D. Richard Kuhn, Raghu N. Kacker, Dimitris Simos
Cross-Site scripting (XSS) is a common class of vulnerabilities in the domain of web applications. As it remains prevalent despite continued efforts by practitioners and researchers, site operators often seek to protect their assets using web application

Combinatorial Test Generation for Multiple Input Models with Shared Parameters

March 17, 2021
Author(s)
Chang Rao, Nan Li, Yu Lei, Jin Guo, YaDong Zhang, Raghu N. Kacker, D. Richard Kuhn
Combinatorial testing typically considers a single input model and creates a single test set that achieves t-way coverage. This paper addresses the problem of combinatorial test generation for multiple input models with shared parameters. We formally

A Trusted Federated System to Share Granular Data Among Disparate Database Resources

March 15, 2021
Author(s)
Joanna DeFranco, David F. Ferraiolo, D. Richard Kuhn, Joshua D. Roberts
Sharing data between different organizations is a challenge primarily due to database management systems (DBMSs) being different types that impose different schemas to represent and retrieve data. In addition, maintaining security and privacy is a concern

Combinatorial Methods for Explainable AI

October 24, 2020
Author(s)
David R. Kuhn, Raghu N. Kacker, Yu Lei, Dimitris Simos
This paper introduces an approach to producing explanations or justifications of decisions made by artificial intelligence and machine learning (AI/ML) systems, using methods derived from fault location in combinatorial testing. We use a conceptually

Effectiveness of dataset reduction in testing machine learning algorithms

August 25, 2020
Author(s)
Raghu N. Kacker, David R. Kuhn
Abstract— Many machine learning algorithms examine large amounts of data to discover insights from hidden patterns. Testing these algorithms can be expensive and time-consuming. There is a need to speed up the testing process, especially in an agile

Aggregating Atomic Clocks for Time-Stamping

August 3, 2020
Author(s)
Temur Saidkhodjaev, Jeff Voas, D. Richard Kuhn, Joanna DeFranco, Phil Laplante
A timestamp is a critical component in many applications, such as proof of transaction ordering or analyzing algorithm performance. This paper reports on a method called Verified Timestamping (VT) that improves the standard timestamp protocol. VT was

Narrow Spectrum Software Testing Addressing Complexity and Trust

April 9, 2020
Author(s)
David R. Kuhn, Mohammad Raunak
Combination coverage based testing supplements basic structural coverage based test selection. This provides a sound test engineering method with defensible, quantitative measures of test completeness.

Input Space Coverage Matters

January 15, 2020
Author(s)
David R. Kuhn, Raghu N. Kacker, Yu Lei, Dimitris Simos
Testing is the most commonly used approach for software assurance, yet it remains as much judgement and art as science. Structural coverage adds some rigor to the process by establishing formally defined criteria for some notion of test completeness, but

Low-Power Wide Area Networks (LPWAN) for Communications of Mobile Sensor Data

September 10, 2019
Author(s)
Sebastian Barillaro, Sokwoo Rhee, Raghu N. Kacker, Mark L. Badger, David R. Kuhn, Gustavo Escudero
There are multiple options for communication of data to and from mobile sensors. For tracking systems, Global Navigation Satellite System (GNSS) is often used for localization and mobile- phone technologies are used for transmission of data. Low-power wide

Guide to Attribute Based Access Control (ABAC) Definition and Considerations

August 2, 2019
Author(s)
Chung Tong Hu, David F. Ferraiolo, David R. Kuhn, Adam Schnitzer, Kenneth Sandlin, Robert Miller, Karen Scarfone
[Includes updates as of August 2, 2019] This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical access control methodology where authorization to perform a set of operations is determined by

Improving MC/DC and Fault Detection Strength Using Combinatorial Testing

July 25, 2019
Author(s)
D. Richard Kuhn, Raghu N. Kacker
Software, in many different fields and tasks, has played a critical role and even replaced humans to improve efficiency and safety. However, catastrophic consequences can be caused by implementation bugs and design defects. MC/DC (Modified Condition

Attribute Considerations for Access Control Systems

June 18, 2019
Author(s)
Chung Tong Hu, David F. Ferraiolo, David Kuhn
Attribute-based access control systems rely upon attributes to not only define access control policy rules but also enforce the access control. Attributes need to be established, issued, stored, and managed under an authority. Attributes shared across

An Approach to T-way Test Sequence Generation With Constraints

April 22, 2019
Author(s)
Raghu N. Kacker, David R. Kuhn
In this paper we address the problem of constraint handling in t-way test sequence generation. We develop a notation for specifying sequencing constraints and present a t-way test sequence generation that handles the constraints specified in this notation

Applying Combinatorial Testing to Large-scale Data Processing at Adobe

April 22, 2019
Author(s)
Raghu N. Kacker, David R. Kuhn, Riley Smith
Adobe offers an analytics product as part of the Marketing Cloud software with which customers can track many details about users across various digital platforms. For the most part, customers define the amount and type of data to track. This high

Measuring Combinatorial Coverage at Adobe

April 22, 2019
Author(s)
Raghu N. Kacker, David R. Kuhn, Riley Smith
Adobe offers an analytics product as part of the Marketing Cloud software with which customers can track many details about users across various digital platforms. For the most part, customers define the amount and type of data to track. In addition

Using Parameter Mapping to Avoid Forbidden Tuples in a Covering Array

April 22, 2019
Author(s)
Raghu N. Kacker, David R. Kuhn, Yu Lei
This paper addresses an optimization problem that occurs when we try to remove from a covering array (CA) the rows that do not satisfy a given set of constraints. That is, how to minimize the number of rows to be removed? The key observation is that the

Browser Fingerprinting using Combinatorial Sequence Testing

April 1, 2019
Author(s)
Bernhard Garn, Dimitris Simos, Stefan Zimmer, D. Richard Kuhn, Raghu N. Kacker
In this paper, we propose an approach for browser fingerprinting using their behavior during the TLS 1.2 handshake with a server. Using combinatorial methods, we created test sets consisting of TLS server-side messages as sequences that are sent to the

Rethinking Distributed Ledger Technology

March 20, 2019
Author(s)
David R. Kuhn, Dylan J. Yaga, Jeffrey M. Voas
Blockchains were designed to solve the problem of double-spending in cryptocurrencies, and the success of the Bitcoin design has generated vastly more interest than previous proposals for digital currencies. Blockchains are being used in other areas as