The average computer data breach in the U.S. can cost a company upward of $7.9 million, according to a study by IBM and the Ponemon Institute. Recently, the National Institute of Standards and Technology awarded computer science Professor Jeff Lei and Dimitris Simos of SBA Research Inc. a three-year, $585,000 grant to shore up security vulnerabilities in blockchains and Internet of Things systems.
"Blockchains have the potential to change the way we do business, significantly reducing costs and increasing efficiency," says Dr. Lei. "Machines can do many things better than humans, but first people must have confidence that the security factors work in the machines."
Lei and Simos will use interaction testing—a technique that systematically exercises interactions between factors to trigger security vulnerabilities— to create test cases and determine if security has been compromised. Interaction testing, while widely used in general testing of software systems, has not been regularly applied to security testing. Lei says this is due to the fact that "the negatives are often much larger than the positives, and it requires creativity to come up with scenarios to break the system."