【正文】 y way. Since the effectiveness of blackbox techniques is close connected to experience of the tester, in our opinion they can be automated by using artificial intellegence methods such as neural works and fuzzy logic. More information about research in this area can be found in [7]. 4. Black Box Testing and Software Security At the present there is a pressure on software developers to produce high quality software. The 畢業(yè)設(shè)計(jì)（論文） 外文資料 原文 8 security aspects are highly related to a software quality. Security testing should be integrated in the testing process, but in reality it is not true in most cases. Usually the developers test the software just for functional requirements and do not consider security issues. One way to check software for secure vulnerabilites is to study known security problems in similar systems and generate test cases based on it. Then applying blackbox techniques to run these test cases. The blackbox methods play an important part in securtity testing. They allow the testers to look at the software under test from the side of attackers, which usually do not have any information about attacked system and therefore consider it as a blackbox. Security testing is important for emerce software systems such as corporate websites. Furthermore, since buffer overflow is a result of bad constructed software programs, security testing can reveal such vulnerabilities, what is helpful for checking both local programs such as games, calculators, office software etc. and remote software such as servers, FTP, DNS and Inter web servers. Conclusion Software testing became an essential part of the software development process. The well designed test cases can significantly increase the quantity of found faults and errors. The mentioned above blackbox methods provide an effective way of testing with no knowledge of inside structure of the software to be tested. Nevertheless, the quality of the blackbox testing depends in general on the experience and intuition of the tester. Therefore, it is hard to automate this process. In spite of this fact, there were made a several attempts to develop approaches for automated blackbox testing. The blackbox testing helps the developers and testers to check software under test for secure vulnerabilities. The secure testing is a matter of importance for emerce applications, that are available in the Inter for a wide range of people, and for revealing buffer overflow vulnerabilities in different local and remote applications. 畢業(yè)設(shè)計(jì)（論文） 外文資料 譯文 1 軟件測(cè)試：黑盒技術(shù) Smirnov Sergey 摘要：在現(xiàn)代社會(huì)中，軟件系統(tǒng)占了一個(gè)重要的位子。 畢業(yè)設(shè)計(jì)（論文） 外文資料 原文 7 – each state transition (input/output/action) is correct。s experience as in case of the Equivalence Class Partitioning approach. CauseEffect Graphing The major weakness of Equivalence Class Partitioning and Boundary Value Analysis is that the methods do not allow to bine conditions. Furthermore, the number of possible bination is usually very large. Therefore, there must be a systematic way of selectiong a subset of input binations. CauseEffect Graphing provides a systematic approach for selecting a set of test cases. The naturallanguage specification is translated into a formal language – a causeeffect graph. The graph is a digitallogic circuit, but in order to build a graph no knowledge of electronics is necessary. The tester should understand only the boolean logic. The following steps are used to produce test cases [2]: – Divide the specification into workable parts. Large specifications make a causeeffect 畢業(yè)設(shè)計(jì)（論文） 外文資料 原文 5 graph difficult to manage. Figure : Simple CauseEffect Graphs – Identify the causes and effects in the specification. A cause is a distinct input condition or an equivalence class of input conditions. An effect is an output condition or a system transformation. The causes and effects are identified by reading the specification. Once identified, each cause and effect is assigned an unique number. – From cause and effect information a boolean causeeffect graph that links causes and effects together is created. – Annotations with constraints are added, that describe binations of causes and/or effects which are impossible. – The graph is converted to a decision table. – The colomns of the decision table are converted into test cases. The simple examples of causeeffects graphs are shown in Figure . The more detailed