This paper proposes a novel workflow to prevent software and test report tampering. This plays a crucial role in industries operating in critical infrastructures where special emphasis is placed on the reliability of these reports for audits. Looking at the state-of-the-art, we identify tampering with test code, pseudo-accountability, and error-prone manual testing as problems that need to be dealt with. Our proposed workflow can be regularly initiated by a supervisor. It identifies every contributor to a project in a set time and asks them to verify their contributions and ultimately sign off on these contributions. This allows for straightforward and thorough reviews of a release and leads to enhanced tamper resistance, protecting the project against malicious alterations.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

A Workflow for Secure and Tamper Resistant Software Test Reporting

  • Jakob Rechberger,
  • Steffen Heinzl

摘要

This paper proposes a novel workflow to prevent software and test report tampering. This plays a crucial role in industries operating in critical infrastructures where special emphasis is placed on the reliability of these reports for audits. Looking at the state-of-the-art, we identify tampering with test code, pseudo-accountability, and error-prone manual testing as problems that need to be dealt with. Our proposed workflow can be regularly initiated by a supervisor. It identifies every contributor to a project in a set time and asks them to verify their contributions and ultimately sign off on these contributions. This allows for straightforward and thorough reviews of a release and leads to enhanced tamper resistance, protecting the project against malicious alterations.