Enabling Security Testing from Specification to Code

In this paper, we present the idea of an intermediary model that can be derived directly from the high-level, abstract model of a protocol, yet more closely resembles the actual implementation. The focus of our work is on the security properties of protocols. We show not only how such an intermediary model can be constructed, but also how it can be used to automatically generate test sequences based on the security goals of the protocol under test. Our aim is to show that, using this approach, we can derive test sequences that a tester can apply to a working implementation of the protocol.
