Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications by: D. Richard Kuhn (Fed)

Displaying 26 - 50 of 189

Aggregating Atomic Clocks for Time-Stamping

August 3, 2020

Author(s)

Temur Saidkhodjaev, Jeff Voas, D. Richard Kuhn, Joanna DeFranco, Phil Laplante

A timestamp is a critical component in many applications, such as proof of transaction ordering or analyzing algorithm performance. This paper reports on a method called Verified Timestamping (VT) that improves the standard timestamp protocol. VT was

Narrow Spectrum Software Testing Addressing Complexity and Trust

April 9, 2020

Author(s)

David R. Kuhn, Mohammad Raunak

Combination coverage based testing supplements basic structural coverage based test selection. This provides a sound test engineering method with defensible, quantitative measures of test completeness.

Input Space Coverage Matters

January 15, 2020

Author(s)

David R. Kuhn, Raghu N. Kacker, Yu Lei, Dimitris Simos

Testing is the most commonly used approach for software assurance, yet it remains as much judgement and art as science. Structural coverage adds some rigor to the process by establishing formally defined criteria for some notion of test completeness, but

Low-Power Wide Area Networks (LPWAN) for Communications of Mobile Sensor Data

September 10, 2019

Author(s)

Sebastian Barillaro, Sokwoo Rhee, Raghu N. Kacker, Mark L. Badger, David R. Kuhn, Gustavo Escudero

There are multiple options for communication of data to and from mobile sensors. For tracking systems, Global Navigation Satellite System (GNSS) is often used for localization and mobile- phone technologies are used for transmission of data. Low-power wide

Knowledge Extraction for Cryptographic Algorithm Validation Test Vectors by Means of Combinatorial Coverage Measurement

August 23, 2019

Author(s)

Dimitris Simos, Bernhard Garn, Ludwig Kampel, D. Richard Kuhn, Raghu N. Kacker

We present a combinatorial coverage measurement analysis for test vectors provided by the NIST Cryptographic Algorithm Validation Program (CAVP), and in particular for test vectors targeting the AES block ciphers for di erent key lengths and cryptographic

Guide to Attribute Based Access Control (ABAC) Definition and Considerations

August 2, 2019

Author(s)

Chung Tong Hu, David F. Ferraiolo, David R. Kuhn, Adam Schnitzer, Kenneth Sandlin, Robert Miller, Karen Scarfone

[Includes updates as of August 2, 2019] This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical access control methodology where authorization to perform a set of operations is determined by

Improving MC/DC and Fault Detection Strength Using Combinatorial Testing

July 25, 2019

Author(s)

D. Richard Kuhn, Raghu N. Kacker

Software, in many different fields and tasks, has played a critical role and even replaced humans to improve efficiency and safety. However, catastrophic consequences can be caused by implementation bugs and design defects. MC/DC (Modified Condition

Attribute Considerations for Access Control Systems

June 18, 2019

Author(s)

Chung Tong Hu, David F. Ferraiolo, David Kuhn

Attribute-based access control systems rely upon attributes to not only define access control policy rules but also enforce the access control. Attributes need to be established, issued, stored, and managed under an authority. Attributes shared across

An Approach to T-way Test Sequence Generation With Constraints

April 22, 2019

Author(s)

Raghu N. Kacker, David R. Kuhn

In this paper we address the problem of constraint handling in t-way test sequence generation. We develop a notation for specifying sequencing constraints and present a t-way test sequence generation that handles the constraints specified in this notation

Applying Combinatorial Testing to Large-scale Data Processing at Adobe

April 22, 2019

Author(s)

Raghu N. Kacker, David R. Kuhn, Riley Smith

Adobe offers an analytics product as part of the Marketing Cloud software with which customers can track many details about users across various digital platforms. For the most part, customers define the amount and type of data to track. This high

Measuring Combinatorial Coverage at Adobe

April 22, 2019

Author(s)

Raghu N. Kacker, David R. Kuhn, Riley Smith

Using Parameter Mapping to Avoid Forbidden Tuples in a Covering Array

April 22, 2019

Author(s)

Raghu N. Kacker, David R. Kuhn, Yu Lei

This paper addresses an optimization problem that occurs when we try to remove from a covering array (CA) the rows that do not satisfy a given set of constraints. That is, how to minimize the number of rows to be removed? The key observation is that the

Towards an Automated Unified Framework to Run Applications for Combinatorial Interaction Testing

April 14, 2019

Author(s)

Bestoun Ahmed, Amador Pahim, Cleber Rosa, D. Richard Kuhn, Miroslav Bures

Combinatorial interaction testing (CIT) is a well-known technique, but industrial experience is needed to determine its effectiveness in different application domains. We present a case study introducing a unified framework for generating, executing and

Browser Fingerprinting using Combinatorial Sequence Testing

April 1, 2019

Author(s)

Bernhard Garn, Dimitris Simos, Stefan Zimmer, D. Richard Kuhn, Raghu N. Kacker

In this paper, we propose an approach for browser fingerprinting using their behavior during the TLS 1.2 handshake with a server. Using combinatorial methods, we created test sets consisting of TLS server-side messages as sequences that are sent to the

Rethinking Distributed Ledger Technology

March 20, 2019

Author(s)

David R. Kuhn, Dylan J. Yaga, Jeffrey M. Voas

Blockchains were designed to solve the problem of double-spending in cryptocurrencies, and the success of the Bitcoin design has generated vastly more interest than previous proposals for digital currencies. Blockchains are being used in other areas as

Guide to Attribute Based Access Control (ABAC) Definition and Considerations

February 25, 2019

Author(s)

Chung Tong Hu, David F. Ferraiolo, David R. Kuhn, Adam Schnitzer, Kenneth Sandlin, Robert Miller, Karen Scarfone

[Includes updates as of February 25, 2019] This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical access control methodology where authorization to perform a set of operations is determined by

A Method Level Test Generation Framework for Debugging Big Data Applications

January 24, 2019

Author(s)

Huadong Feng, Jagan Chandrasekaran, Yu Lei, Raghu N. Kacker, D. Richard Kuhn

When a failure occurs in a big data application, debugging with the original dataset can be difficult due to the large amount of data being processed. This paper introduces a framework for effectively generating method-level tests to facilitate debugging

A Method-Level Test Generation Framework for Debugging Big Data Applications

January 24, 2019

Author(s)

Raghu N. Kacker, David R. Kuhn, Huadong Feng, Yu J. Lei

Big data applications are now widely used to process massive amounts of data we create every day. When a failure occurs in a big data application, debugging at the system-level input can be expensive due to the large amount of data being processed. This

Access Control for Emerging Distributed Systems

November 1, 2018

Author(s)

Chung Tong Hu, David R. Kuhn, David F. Ferraiolo

As big data, cloud computing, grid computing, and the Internet of Things reshape current data systems and practices, IT experts are keen to harness the power of distributed systems to boost security and prevent fraud. How can these systems' capabilities be

MCDC-Star  An Open-source MC/DC Measurement Tool

September 22, 2018

Author(s)

Raghu N. Kacker, David R. Kuhn, Eric Wong

Applying MC/DC criterion to real-world projects can be expensive due to not only the cost of commercial tools, but also the difficulty of generating test cases to achieve high coverage. To lower the expense from both aspects, this paper presents an easy-to

Cybertrust in the IoT Age

July 31, 2018

Author(s)

Jeff Voas, D. Richard Kuhn, Constantinos Kolias, Angelos Stavrou, Georgios Kambourakis

The Internet of Things generates new opportunities but creates new challenges with respect to trustworthiness. Computing, architecture, and verification changes are inevitable to meet these challenges, particularly if predictions of 20 billion to 50

In IoT We Trust?

July 13, 2018

Author(s)

Jeff Voas, D. Richard Kuhn, Phillip Laplante

In this short article, we review an abbreviated list of trust challenges that we foresee as increased adoption transforms the IoT into another ubiquitous technology just as the Internet is. These challenges are in no specific order, and are by no means a

Finding Bugs in Cryptographic Hash Function Implementations

July 6, 2018

Author(s)

Nicky W. Mouha, Mohammad Raunak, David R. Kuhn, Raghu N. Kacker

Cryptographic hash function implementations can be particularly difficult to test, and bugs can remain unnoticed for a very long time. We revisit the NIST SHA-3 hash function competition, and apply a new testing strategy to all available reference

Pseudo-exhaustive Verification of Rule Based Systems

July 1, 2018

Author(s)

David R. Kuhn, Dylan J. Yaga, Raghu N. Kacker, Yu Lei, Chung Tong Hu

Rule-based systems are important in application domains such as artificial intelligence and business rule engines, as well as formal methods for software design. When translated into an implementation, simple expressions in rules may map to thousands of

Internet of Things (IoT) Metrology

June 11, 2018

Author(s)

Jeff Voas, D. Richard Kuhn, Phillip Laplante

The field of metrology has evolved into many classes and viewpoints over centuries of time. What we are suggesting is how that body of knowledge may be applicable to IoT and where the research opportunities for new measures that are IoT-centric might be in