diff --git a/ssl/test/runner/common.go b/ssl/test/runner/common.go
index 1cfdda92..4f34ce40 100644
--- a/ssl/test/runner/common.go
+++ b/ssl/test/runner/common.go
@@ -387,6 +387,10 @@ type ProtocolBugs struct {
 // SendV2ClientHello causes the client to send a V2ClientHello
 // instead of a normal ClientHello.
 SendV2ClientHello bool
+
+ // SendFallbackSCSV causes the client to include
+ // TLS_FALLBACK_SCSV in the ClientHello.
+ SendFallbackSCSV bool
 }
 
 func (c *Config) serverInit() {
diff --git a/ssl/test/runner/handshake_client.go b/ssl/test/runner/handshake_client.go
index 0b9d772b..9d2c1fad 100644
--- a/ssl/test/runner/handshake_client.go
+++ b/ssl/test/runner/handshake_client.go
@@ -71,6 +71,10 @@ NextCipherSuite:
 }
 }
 
+ if c.config.Bugs.SendFallbackSCSV {
+ hello.cipherSuites = append(hello.cipherSuites, fallbackSCSV)
+ }
+
 _, err := io.ReadFull(c.config.rand(), hello.random)
 if err != nil {
 c.sendAlert(alertInternalError)
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index bec89b16..07b1a127 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -380,6 +380,27 @@ var testCases = []testCase{
 },
 },
 },
+ {
+ testType: serverTest,
+ name: "FallbackSCSV",
+ config: Config{
+ MaxVersion: VersionTLS11,
+ Bugs: ProtocolBugs{
+ SendFallbackSCSV: true,
+ },
+ },
+ shouldFail: true,
+ expectedError: ":INAPPROPRIATE_FALLBACK:",
+ },
+ {
+ testType: serverTest,
+ name: "FallbackSCSV-VersionMatch",
+ config: Config{
+ Bugs: ProtocolBugs{
+ SendFallbackSCSV: true,
+ },
+ },
+ },
 }
 
 func doExchange(testType testType, config *Config, conn net.Conn, messageLen int) error {
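Review bot: The doc comment on `SendFallbackSCSV` in `ProtocolBugs` says what is sent but not that the flag leaves the offered version alone. In the handshake_client.go hunk the flag only appends the value to the cipher suite list, so a test that wants to look like a real fallback has to lower `MaxVersion` itself. I would say so on the field: `// SendFallbackSCSV causes the client to include TLS_FALLBACK_SCSV in the ClientHello. It does not change the version offered.` The struct's declaration starts outside the hunk.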
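Review bot: `fallbackSCSV` is always appended as the last entry of `hello.cipherSuites`, so the new tests only prove that the server notices the value at the end of the list. A server has to honour it wherever it appears, and a scan that stops at the first acceptable suite would still pass these tests; a follow-up flag or case that places it first would cover that. `fallbackSCSV` itself is not defined in this diff, so it is presumably declared elsewhere in the package. A short comment such as `// Signalling value, not a negotiable suite; added after suite selection.` would explain the placement. The enclosing function starts and ends outside the hunk.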
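Review bot: `FallbackSCSV-VersionMatch` passes only while the runner's default maximum version is at least the server's highest version, and nothing in the case says so. If the shim later gains a version the runner does not offer, this case would start failing with the same error the first case expects, so I would add `// The default MaxVersion must match the server's highest version; the SCSV is then harmless and the handshake must succeed.` above it. The rejecting case covers only `VersionTLS11` and checks only the shim's error string; lower versions and the alert seen by the runner are not exercised in the visible lines.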