ETSI - European Telecommunications Standards Institute
Latest
TR 101 583-2015
Scope
The present document defines terminology and an ontology which together provide the basis for a common understanding of security testing techniques which can be used in testing communication products and systems. The terminology and ontology have been derived from latest research@ but also current standards and best practices specified by a broad range of standards organizations and industry bodies. The present document aims to provide information to practitioners on techniques used in testing@ and assessment of security@ robustness and resilience throughout the product and systems development lifecycle. The present document lists terms and methods for the following security testing approaches: ? Verification of security functions and risk-based testing. ? Load@ stress and performance testing. ? Resilience and robustness testing (fuzzing). ? Penetration testing. Static Application Security Testing (SAST) tools and techniques are out of scope for the present document
TR 101 583-2015 history
2015TR 101 583-2015 Methods for Testing and Specification (MTS); Security Testing; Basic Terminology (V1.1.1)