|
英语水平真是不敢提了,在论坛中把《How to Break Software》下载后想借此学习下英语,发觉理解起来模棱两可,是否有同行一起来学习呢;一天一段,在此贴上就是希望能得到大家的指点;
Abstract— This paper describes a number of methods (called “attacks”) to expose design and development flaws in
software. The attacks are manual, exploratory tests designed and executed on-the-fly with little or no overhead.
The attacks were conceived after studying hundreds of real software bugs and generalizing their cause and symptoms.
Two semesters of refinement at the hands of software testing students at the Florida Institute of Technology
have identified dozens of approaches for attacking software with the intent of finding bugs. The attacks have been
very successful, resulting in hundreds of additional bugs— all found as a direct result of the attack strategies— in a
very short period of time with little or no familiarity with the products involved. This paper describes a subset of
the attacks and demonstrates their use to find real bugs in released products.
提纲:这文章提到很多暴露设计和开发方面的缺陷的方法(attacks译为什么更贴切?我暂译为攻术)。The attacks are manual, exploratory tests designed and executed on-the-fly with little or no overhead.(这句不知如何译好呢?),这些攻术都是在对数百上千的缺陷研究、总结原因、状况之后产生的。
经过Florida技术研究院的软件测试学生的两个学期的提炼已经证明带着找缺陷的目的攻击软件的多种途径。这攻术很成功,结果会出现更多的缺陷,这些都是攻术的策略的直接效果-在一个短时间内对
不熟悉的软件情况下产生。这文章描述的是在发布产品中找到真正缺陷的攻术和演示的摘录 |
|