Software verification and validation, also referred to herein as V&V or self-test, ensures that software programs and applications meet user and/or manufacturer requirements and expected quality attributes throughout their lifecycle. Proper operation of software applications may be assessed by running power on self-tests when devices are initially turned on. However, it is becoming increasingly common for devices, such as cell phones and set top boxes, to remain on for extended periods of time. Therefore it is desirable to continuously monitor software applications to ensure safe and proper operation. Continuous verification and validation requires that self-tests be restarted periodically after the previous test sequence has completed. This can often lead to undesirable delays or extended periods where the device is unusable. It is of particular importance to continuously verify and validate applications running on devices used for safety or security related operations as these devices are often the target of malicious attackers and the consequences of failures can be serious.
Software verification and validation may be performed by generating artificial data for each test sequence. This requires prior knowledge of software operations. The generation of erroneous data can lead to test failures which may result in false negative determinations. Also, the resulting output data can be intermixed with real data in ways that make it difficult to remove the artificial information.
A corrupted or maliciously altered software application may affect data in a computer's main memory. Corrupt data may be erroneous and useless, or it may introduce an undesirable security breach or an unknown security threat. An application may also write to protected portions of memory, such as the master boot record, and render a device useless or take control of the device for malevolent purposes.
Thus, there is a need for improved apparatus and methods that can perform continuous verification and validation of software applications while preventing these applications from causing harm to the devices on which they are running. Accordingly, it would be desirable to provide a method and apparatus that addresses at least some of the problems identified above.