A tool supported methodology to passively test asynchronous systems with multiple users

Abstract

Context: Testing usually involves the interaction of the tester with the system under test. However, there are many situations in which this interaction is not feasible and so one requires a passive approach in which the system is analysed to look for failures or unexpected behaviours. The entities of a complex system usually communicate in an asynchronous manner and this complicates the testing tasks since the observed order of events need not be the same as the order in which the events were produced. In previous work, we presented a formal passive testing theory for a single user and system communicating through an asynchronous channel. We were able to check that a trace generated by the system satisfies a given property.

Objective: This paper extends our work, for detecting potential intrusions and unexpected behaviours, to the case where many users simultaneously communicate with a central server. We evaluate the practical value of the theoretical framework with a non-trivial system.

Method: We developed a novel complete theoretical framework to analyse asynchronous systems with multiple users. All the algorithms are fully implemented. Experiments were performed over the Nextcloud platform to show the applicability of our framework. The experiments include an attack so that actual vulnerabilities could be revealed.

Results: The application of our methodology, supported by a tool fully implementing it, was able to reveal a vulnerability in the WebDAV protocol running on Nextcloud.

Conclusion: The extension of our previous work is not only useful from a theoretical point of view but also increases the applicability of the original work. We are now able to analyse systems where the interaction with different users can lead to unexpected behaviours. We have been able to find a vulnerability in a real system, showing the usefulness of our work.
