White and grey-box verification and validation approaches for safety- and security-critical software systems

In this article, the problem of assessing software trustworthiness is considered from a holistic perspective addressing both safety- and security-critical application domains. In particular, the importance of achieving high structural coverage during component and integration testing phases is stressed. In view of the immense effort required by manual testing activities, the present article suggests novel automatic test case generation techniques, capable of maximizing test coverage and minimizing test amount. The tools developed on the basis of these approaches were successfully applied to achieve high control flow, data flow and interface coverage by means of a low number of test cases.