Model-Based Security Verification and Testing for Smart-cards

Model-Based Testing (MBT) is a widely used methodology for generating tests that check whether a system's behaviour conforms to its specification. Recently it has also been applied successfully to testing certain security properties. A prerequisite for this approach, however, is that the test model itself is correct with respect to the security property under test: tests generated from a flawed model carry a flawed oracle. In this paper we present an approach, targeted at smart-card specific security properties, that allows the system to be validated with MBT from test schemas. We combine this MBT approach with the UMLsec security verification technique: UMLsec stereotypes are used to verify the model with respect to the given security properties, which gives more confidence in the model before any test is derived from it. We then define an automatic procedure that generates security tests from the UMLsec model via so-called "test schemas". We validate the approach on a fragment of the Global Platform specification and report on the available tool support.
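The two steps the abstract describes, verifying the model against a security property and then unfolding a test schema into concrete tests whose oracle comes from the model, can be illustrated on a toy card model. The following is an added example written for this page; it is not code from the paper, from UMLsec or from any Global Platform tool. The command names, the card states, the status words, the schema syntax and the "flawed" model variant are all assumptions chosen for illustration: the property is checked by exhaustive exploration of a small finite state machine rather than by UMLsec stereotypes, and a schema is simply a sequence of command choices.

```python
"""Added illustration, not from the paper: a toy smart-card session model,
a security property verified by exhaustive state exploration, and test
cases generated from a test schema with their oracle taken from the model.
Commands, states, status words and the schema format are all assumptions."""
from itertools import product

# Abstract commands of a hypothetical card applet (constructed; not real APDUs).
COMMANDS = ("SELECT", "INIT_UPDATE", "EXT_AUTH", "EXT_AUTH_BAD", "INSTALL", "RESET")

# Model state: (secure-channel state, consecutive failed authentications).
INITIAL = ("idle", 0)
MAX_BAD = 3  # failed authentications before the channel is blocked (assumed)


def step(state, cmd):
    """Transition of the toy model: returns (new_state, status_word)."""
    sc, bad = state
    if sc == "blocked":
        return state, "6983"            # authentication method blocked, absorbing
    if cmd == "RESET":
        return ("idle", bad), "9000"    # a reset does not clear the failure counter
    if cmd == "SELECT":
        return ("selected", bad), "9000"
    if sc == "idle":
        return state, "6985"            # nothing selected: conditions of use not satisfied
    if cmd == "INIT_UPDATE":
        return ("challenged", bad), "9000"
    if cmd in ("EXT_AUTH", "EXT_AUTH_BAD"):
        if sc != "challenged":
            return ("selected", bad), "6985"
        if cmd == "EXT_AUTH":
            return ("authenticated", 0), "9000"
        bad += 1
        return ("blocked" if bad >= MAX_BAD else "selected", bad), "6300"
    if cmd == "INSTALL":
        return state, ("9000" if sc == "authenticated" else "6982")
    raise ValueError(cmd)


def flawed_step(state, cmd):
    """A deliberately wrong model (assumption): INSTALL is accepted after the
    challenge was issued but before the host proved knowledge of the key."""
    if cmd == "INSTALL" and state[0] == "challenged":
        return state, "9000"
    return step(state, cmd)


def secure_property(state, cmd, sw):
    """Security property: a privileged command succeeds only in an authenticated session."""
    return not (cmd == "INSTALL" and sw == "9000" and state[0] != "authenticated")


def verify_model(transition=step):
    """Exhaustively explore the finite model; return the (state, command) pairs
    that violate the property. An empty list means the model is fit for test generation."""
    seen, frontier, violations = {INITIAL}, [INITIAL], []
    while frontier:
        s = frontier.pop()
        for c in COMMANDS:
            ns, sw = transition(s, c)
            if not secure_property(s, c, sw):
                violations.append((s, c))
            if ns not in seen:
                seen.add(ns)
                frontier.append(ns)
    return violations


# Test schema (assumed format): a sequence of command choices; every combination
# of choices is one concrete test, focused on reaching INSTALL by different routes.
SCHEMA = [{"SELECT"},
          {"INIT_UPDATE", "EXT_AUTH", "INSTALL"},
          {"EXT_AUTH", "EXT_AUTH_BAD", "INSTALL"},
          {"INSTALL"}]


def generate_tests(schema, transition=step):
    """Unfold the schema into (command sequence, expected status words) pairs,
    computing the oracle by replaying each sequence on the model."""
    tests = []
    for seq in product(*[sorted(choices) for choices in schema]):
        state, expected = INITIAL, []
        for c in seq:
            state, sw = transition(state, c)
            expected.append(sw)
        tests.append((seq, tuple(expected)))
    return tests


if __name__ == "__main__":
    assert verify_model() == []
    for seq, expected in generate_tests(SCHEMA):
        print(" > ".join(seq), "=>", " ".join(expected))
    print("flawed model violations:", verify_model(flawed_step))
```

Running the correct model through `verify_model` finds no violation, so the nine tests unfolded from `SCHEMA` carry a trustworthy oracle: only the route SELECT, INIT_UPDATE, EXT_AUTH, INSTALL ends in 9000. Replacing `step` by `flawed_step` shows why verification has to come first: exploration reports the challenged states as violations, and if tests were generated from that model anyway, the sequence SELECT, INIT_UPDATE, INSTALL, INSTALL would expect 9000 for the unauthenticated INSTALL, turning a security bug into an "expected" result.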
