Fault coverage of Constrained Random Test Selection for access control: A formal analysis

A probabilistic model of fault coverage is presented. This model is used to analyze the variation in the fault detection effectiveness associated with the use of two test selection strategies: heuristics-based and Constrained Random Test Selection (CRTS). These strategies arise in the context of conformance test suite generation for Role Based Access Control (RBAC) systems. The proposed model utilizes coverage matrix based approach for fault coverage analysis. First, two boundary instances of fault distribution are considered and then generalized. The fault coverages of the test suites generated using the heuristics-based and the CRTS strategies, applied to a sample RBAC policy, are then compared through simulation. Finally the simulation results are correlated with a case study.