3.1 INTRODUCTION

The damage or risk inflicted currently by security breaches and unintended software failures in the ubiquitous computer and communication networks as experienced by related businesses or government entities is measured by multiples of billions of dollars. The analysis of such malicious and/or unwanted activities as to when to act to stop testing at the right moment to assure cost efficiency and maximum security and reliability are of a paramount interest to computer scientists and risk analysts, in addition to the business owners and their vulnerable customers. In most situations, corporate testing continues until the time-to-release date or when the testing budget is depleted. These conventionally subjective stopping decision rules inhibit the testers from understanding the extent of potential security breaches and/or chance failures when the product is released. This process can be extremely costly and inefficient. The focus is on determining when given the results of a testing process, whether white box (coverage), or ...