UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

ETSI - TR 101 583

Methods for Testing and Specification (MTS); Security Testing; Basic Terminology

active, Most Current
Organization: ETSI
Publication Date: 1 March 2015
Status: active
Page Count: 16
scope:

The present document defines terminology and an ontology which together provide the basis for a common understanding of security testing techniques which can be used in testing communication products and systems. The terminology and ontology have been derived from latest research, but also current standards and best practices specified by a broad range of standards organizations and industry bodies. The present document aims to provide information to practitioners on techniques used in testing, and assessment of security, robustness and resilience throughout the product and systems development lifecycle. The present document lists terms and methods for the following security testing approaches:

• Verification of security functions and risk-based testing.

• Load, stress and performance testing.

• Resilience and robustness testing (fuzzing).

• Penetration testing.

Static Application Security Testing (SAST) tools and techniques are out of scope for the present document

Document History

TR 101 583
March 1, 2015
Methods for Testing and Specification (MTS); Security Testing; Basic Terminology
The present document defines terminology and an ontology which together provide the basis for a common understanding of security testing techniques which can be used in testing communication products...

References

This document references:
TR 101 577 - Methods for Testing and Specifications (MTS); Performance Testing of Distributed Systems; Concepts and Terminology
Published by ETSI on December 1, 2011
The present document describes terminology and concepts of performance tests with a generalized view of performance characteristics as the starting point. What kind of characteristics are indicators...
This document references:
TR 101 590 - IMS Network Testing (INT); IMS/NGN Security Testing and Robustness Benchmark
Published by ETSI on March 1, 2013
The present document aims to introduce the basic principles and value of robustness testing, and highlight the importance of negative testing in a complex surroundings like IMS. It will introduce...
This document references:
TS 102 165-1 - CYBER; Methods and protocols; Part 1: Method and pro forma for Threat, Vulnerability, Risk Analysis (TVRA)
Published by ETSI on January 1, 2022
The present document defines a method primarily for use by ETSI standards developers in undertaking an analysis of the threats, risks and vulnerabilities of an Information and Communications...
This document references:
ISO/IEC 15408-1 - Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 1: Introduction and general model
Published by ISO on August 1, 2022
This document establishes the general concepts and principles of IT security evaluation and specifies the general model of evaluation given by various parts of the standard which in its entirety is...
This document references:
ISO/IEC 9646-1 - Information Technology - Open Systems Interconnection - Conformance Testing Methodology and Framework - Part 1: General Concepts
Published by ISO on December 15, 1994
A description is not available for this item.
This document references:
ITU-T X.1524 - Common weakness enumeration
Published by ITU-T on March 1, 2012
This Recommendation on the use of the common weakness enumeration (CWE) provides a "structured means" for the global exchange of information about software security weaknesses in architecture,...
This document is referenced by:
TS 103 597-2 - Methods for Testing and Specification (MTS); Test Specification for MQTT; Part 2: Security Tests
Published by ETSI on April 1, 2021
The present document provides general security considerations and guidelines about the Message Queuing Telemetry Transport (MQTT) protocol. The collective ideas presented in the present document are...
This document is referenced by:
TR 103 748 - Core Network and Interoperability Testing (INT); Artificial Intelligence (AI) in Test Systems and Testing of AI Models; Use and Benefits of AI Technologies in Testing
Published by ETSI on June 1, 2022
The present document presents a part of a series of documents being produced in the joint work of ETSI TC INT and ETSI TC MTS on "Artificial Intelligence (AI) in Test Systems, and Testing of AI...
View Less
View All
Advertisement