Q: Is there a datasheet about the Codenomincon Robustness Tester
available for download?
A: Yes. To download the datasheet click
Q: What is meant by FUZZING?
A: Fuzz testing or fuzzing is a software testing technique that provides invalid, unexpected, or random data to the inputs of a program. If the program fails (for example, by crashing or failing built-in code assertions), the defects can be noted.
Q: What are the technical requirements?
A: There are three requirements:
- Sun Microsystems Java Runtime Environment 1.5.0 or newer
- Windows XP or Windows 7.
- Supported Bluetooth adapter
Q: What is robustness testing?
A: The robustness testing method used by Codenomicon is based on the
systematic creation of a very large number of protocol messages (tens of
thousands) containing exceptional elements that simulate malicious attacks.
Robustness testing can be thought of as a combination of syntax testing,
fault injection and penetration testing. Our testing method provides a
proactive, low-cost way of assessing software robustness.
Q: How does it improve Bluetooth products?
A: Robustness is the ability of software to tolerate exceptional input
and stressful environment conditions. A piece of software which is not
robust fails when facing such circumstances. A malicious intruder can easily
take advantage of robustness shortcomings in order to compromise the system
running the software. In fact, a large portion of information security
vulnerabilities reported in the public are caused by robustness weaknesses.
Robustness problems can be exploited by causing denial-of-service
conditions by feeding the vulnerable component with maliciously formatted
input. Often, a buffer overflow type of robustness flaw can be exploited to
run externally supplied code in the vulnerable component. Rooting out
robustness problems will result in more reliable and fault-tolerant
software. Robustness equals error-free operation, which leads to better
customer acceptance and reduced support costs. Robust software is more
Q: How do you define security?
A: Flaws in information security infest modern software, and pervasive
computing has made us and our society vulnerable. Security and safety in
software are attributes that cannot be effectively measured or guaranteed,
and are thus always based on levels of risk. A focal problem area is
software implementation, which may introduce potential for unanticipated and
undesired program behavior. Frequent vulnerability disclosures prompt for
practical measures of vulnerability assessment and the elimination of at
least the most trivial product flaws.
Q: How does your product address security issues?
A: The complementary approach to systematically test implementations of
protocols in a black-box (i.e. functional) fashion is originally devised in
PROTOS project and now commercialized by Codenomicon and sold worldwide by
Frontline. A novel mini-simulation method using attribute grammars to model
both input syntax and software behavior is used to create test tools for
various protocol families.
To this end it is our goal to:
- Offer efficient, yet easy-to-use tools for vendors and buyers to
verify the dependability of software components.
- Raise the baseline of software robustness beyond trivial
vulnerabilities that still infest software.
- Work in a close, trustworthy relationship with software vendors in
order to patch the found problems and not to elaborate over them.
Q: Do I need to possess the source code for the tested system?
A: No, you don't. The Codenomicon test tools sold by Frontline use
black-box testing methods. The only requirement for testing is the
availability of the tested implementation. This makes the test tools usable
for integrators and evaluators who want to assess the quality and robustness
of acquired or evaluated systems.
Q: What Bluetooth protocols and profiles does Codenomicon Robustness
Tester for Bluetooth Technology cover?
A: At this stage separate test suites are provided for A2DP, AVRCP, BIP,
BNEP, BPP, DUN, FAX, FTP, HFP, HSP, IrMCSync, L2CAP, RFCOMM, SDP, and OPP.
Over time, the full set of test suites for Bluetooth will cover all feasible
protocols and profiles.
Q: Does Codenomicon Robustness Test Tool For Bluetooth Technology
support features or protocols X, Y and Z?
A: Our product already contains support for a variety of Bluetooth
protocols, profiles and their features. Support for new protocols and
features are being added constantly.
Q: How can I obtain Codenomicon Robustness Tester for Bluetooth
A: Contact Frontline for licensing options and pricing.