Security Test Suite 安全测试套件
每月合作伙伴预览安全公告列出了设备制造商修复其设备的安全漏洞。 Android安全测试套件（STS）验证Android设备上是否解决了这些安全漏洞。 每月使用合作伙伴预览安全公告更新STS。 STS帮助合作伙伴验证：
在被测设备（DUT）上执行各个测试用例。 测试用例用Java编写为JUnit测试并打包为Android .apk文件，以在实际设备目标上运行。
The monthly Partner Preview Security Bulletins list security vulnerabilities for device makers to fix on their devices. The Android Security Test Suite (STS) validates if security vulnerabilities are addressed on Android devices. STS is updated monthly with the Partner Preview Security Bulletin. STS helps partners to validate that:
- security patches are applied correctly
- corresponding security vulnerabilities are fixed
- device is not otherwise vulnerable
STS uses an automated testing harness with two major software components:
- The STS tradefed test harness runs on your desktop machine and manages test execution.
- Individual test cases are executed on the Device Under Test (DUT). The test cases are written in Java as JUnit tests and packaged as Android .apk files to run on the actual device target.
Types of test cases 测试用例类型
The STS includes the following types of test cases:
- Device Side Tests 设备端测试 are junit tests that are executed from the context of the DUT.
- Host Side Tests 主机端测试 are executed on the host machine, and allow the host to push binaries or other resources to the device.
Setting up STS STS环境设置 请参考CTS设置
Running STS tests 运行STS测试
Running STS is similar to running CTS Tradefed. To get started, follow the instructions for Running CTS tests. The only difference between running CTS and STS is the command. For Android 7.0 and above, run the STS test plan with:
STS binaries are stored on the Partner_Security_Bulletin Google Drive alongside the CTS security preview.
Here is an overview of the STS workflow:
Figure 1. How to use STS