New standards for antivirus software testing
Anti-Malware Testing Standard Organization (AMTSO) issued on Monday two new interesting publications setting out guidelines for antivirus programs quality assurance procedures.
First document titled "The Fundamental Principles of Testing" and contain a number of basic rules, such as requiring testers to validate whether test samples have been correctly classified as malicious and mandating that tests be open and transparent. The second one, "Best Practices for Dynamic Testing", is a set of best practices for dynamic testing of host-based security products and stresses that any battery of tests must deliver reproducible results, recommends against the use of VMs and to define different levels of success.
"The documents are expressly designed to help new and current testers to do better QA," Roel Schouwenberg, senior antivirus researcher for Kaspersky Labs said.
The Anti-Malware Testing Standards Organization was founded on May 2008, after the industry voiced concerns about inconsistent test regimes and criticized certain tests as unethical. In 2006, many companies in the antivirus industry lambasted product tester Consumer Reports for grading their products' performance against test data that included 5,500 newly-created virus variants. The antivirus companies questioned the reasoning that led to a testing lab writing viruses, while other security researchers argued that it's reasonable to measure the performance of antivirus software against previously unknown threats.
Posted at 03:57PM Nov 11, 2008 by admin in Antivirus |