Researchers at the National Institute of Standards and Technology (NIST) have released an updated version of a computer system testing tool that can cut software development costs by more efficiently finding flaws.

Catching software “bugs” is traditionally difficult and time-consuming. About 50 percent of software development budgets go to testing, yet flaws in software still cost the U.S. economy $59.5 billion annually. In efforts to address this issue, NIST designed the Advanced Combinatorial Testing System (ACTS), a freely available software tool.

Fewer software flaws mean enhanced security for personal, government and corporate systems. Hackers often take advantage of software flaws to introduce malware including viruses and botnets to disrupt or take control of computer systems. Once inside a computer, attackers can access personal information or valuable company data.

The NIST Combinatorial Testing for Software is based on research by NIST and others and generates a plan for testing combinations of two to six variables that can interact and cause errors. While studying software crashes of medical device and Web browsers, researchers determined that between 70 and 95 percent of software failures are triggered by only two variables interacting, and practically 100 percent of software failures are triggered by no more than six. In one project, NIST could test all six-way combinations with only 522 tests instead of 17 billion, and find nearly 100 percent of the flaws.

Since the first version was released in 2008, it has been downloaded by 465 times by industry, academia, government and individuals.

For more information, visit http://csrc.nist.gov/groups/SNS/acts/index.html.