Model-based Security Testing Using UMLsec A Case Study

被引:29
作者
Juerjens, Jan [1 ]
机构
[1] Open Univ, Comp Dept, Milton Keynes, Bucks, England
来源
ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE | 2008年 / 220卷 / 01期
关键词
Model-based Testing; UML; Security; UMLsec;
D O I
10.1016/j.entcs.2008.11.008
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Designing and implementing security-critical systems correctly is very difficult. In practice, most vulnerabilities arise from bugs in implementations. We present work towards systematic specification-based testing of security-critical systems based on UMLsec models. We show how to systematically generate test sequences for security properties based on the model that can be used to test the implementation for vulnerabilities. We explain our method at the example of a part of the Common Electronic Purse Specifications (CEPS), a candidate for an international electronic purse standard.
引用
收藏
页码:93 / 104
页数:12
相关论文
共 50 条
  • [31] Specification, verification, and quantification of security in model-based systems
    Samir Ouchani
    Mourad Debbabi
    Computing, 2015, 97 : 691 - 711
  • [32] Model-based mutation testing-Approach and case studies
    Belli, Fevzi
    Budnik, Christof J.
    Hollmann, Axel
    Tuglular, Tugkan
    Wong, W. Eric
    SCIENCE OF COMPUTER PROGRAMMING, 2016, 120 : 25 - 48
  • [33] Compositionality in Model-Based Testing
    van Cuyck, Gijs
    van Arragon, Lars
    Tretmans, Jan
    TESTING SOFTWARE AND SYSTEMS, ICTSS 2023, 2023, 14131 : 202 - 218
  • [34] Model-based testing as a service
    Herbold, Steffen
    Hoffmann, Andreas
    INTERNATIONAL JOURNAL ON SOFTWARE TOOLS FOR TECHNOLOGY TRANSFER, 2017, 19 (03) : 271 - 279
  • [35] Model-Based Testing of Obligations
    Rubab, Iram
    Ali, Shaukat
    Briand, Lionel
    LeTraon, Yves
    2014 14TH INTERNATIONAL CONFERENCE ON QUALITY SOFTWARE (QSIC 2014), 2014, : 1 - 10
  • [36] Abstractions for Model-Based Testing
    Prenninger, Wolfgang
    Pretschner, Alexander
    ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE, 2005, 116 : 59 - 71
  • [37] A Survey on Model-Based Testing Tools for Test Case Generation
    Li, Wenbin
    Le Gall, Franck
    Spaseski, Naum
    TOOLS AND METHODS OF PROGRAM ANALYSIS, 2018, 779 : 77 - 89
  • [38] Model-based testing as a service
    Steffen Herbold
    Andreas Hoffmann
    International Journal on Software Tools for Technology Transfer, 2017, 19 : 271 - 279
  • [39] Reusable Model-Based Testing
    Olimpiew, Erika Mir
    Gomaa, Hassan
    FORMAL FOUNDATIONS OF REUSE AND DOMAIN ENGINEERING, PROCEEDINGS, 2009, 5791 : 76 - 85
  • [40] Integrating Model-Based and Constraint-Based Testing Using SpecExplorer
    Vishal, Vivek
    Kovacioglu, Mehmet
    Kherazi, Rachid
    Mousavi, Mohammad Reza
    23RD IEEE INTERNATIONAL SYMPOSIUM ON SOFTWARE RELIABILITY ENGINEERING WORKSHOPS (ISSRE 2012), 2012, : 219 - 224
12345