Model-based Security Testing Using UMLsec A Case Study

被引:29
作者
Juerjens, Jan [1 ]
机构
[1] Open Univ, Comp Dept, Milton Keynes, Bucks, England
来源
ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE | 2008年 / 220卷 / 01期
关键词
Model-based Testing; UML; Security; UMLsec;
D O I
10.1016/j.entcs.2008.11.008
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Designing and implementing security-critical systems correctly is very difficult. In practice, most vulnerabilities arise from bugs in implementations. We present work towards systematic specification-based testing of security-critical systems based on UMLsec models. We show how to systematically generate test sequences for security properties based on the model that can be used to test the implementation for vulnerabilities. We explain our method at the example of a part of the Common Electronic Purse Specifications (CEPS), a candidate for an international electronic purse standard.
引用
收藏
页码:93 / 104
页数:12
相关论文
共 50 条
  • [41] Model-Based Systems Security Quantification
    Ouchani, Samir
    Jarraya, Yosr
    Mohamed, Otmane Ait
    2011 NINTH ANNUAL INTERNATIONAL CONFERENCE ON PRIVACY, SECURITY AND TRUST, 2011, : 142 - 149
  • [42] Risk-Driven Model-Based Testing of Washing Machine Software: An Industrial Case Study
    Kirkici, Abdulhadi
    Gebizli, Ceren Sahin
    Sozer, Hasan
    2018 IEEE 11TH INTERNATIONAL CONFERENCE ON SOFTWARE TESTING, VERIFICATION AND VALIDATION WORKSHOPS (ICSTW), 2018, : 398 - 403
  • [43] Using Bayesian optimization algorithm for model-based integration testing
    Rafe, Vahid
    Mohammady, Somayeh
    Cuevas, Erik
    SOFT COMPUTING, 2022, 26 (07) : 3503 - 3525
  • [44] Coverage Criteria for Model-Based Testing using Property Patterns
    Castillos, Kalou Cabrera
    Dadeau, Frederic
    Julliand, Jacques
    ELECTRONIC PROCEEDINGS IN THEORETICAL COMPUTER SCIENCE, 2013, (141): : 29 - 43
  • [45] Using Metamodels to Improve Model-Based Testing of Service Orchestrations
    Leal, Lucas
    Montecchi, Leonardo
    Ceccarelli, Andrea
    Martins, Eliane
    2020 IEEE 25TH PACIFIC RIM INTERNATIONAL SYMPOSIUM ON DEPENDABLE COMPUTING (PRDC 2020), 2020, : 130 - 139
  • [46] Model-based Testing of Interactive Systems using Interaction Sequences
    Turner J.
    Bowen J.
    Reeves S.
    Proceedings of the ACM on Human-Computer Interaction, 2020, 4 (EICS)
  • [47] Using Bayesian optimization algorithm for model-based integration testing
    Vahid Rafe
    Somayeh Mohammady
    Erik Cuevas
    Soft Computing, 2022, 26 : 3503 - 3525
  • [48] Assessing Model-Based Testing: An Empirical Study Conducted in Industry
    Schulze, Christoph
    Ganasan, Dharmalingam
    Lindvall, Mikael
    Cleaveland, Rance
    Goldman, Daniel
    36TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING (ICSE COMPANION 2014), 2014, : 135 - 144
  • [49] Model-based testing for software safety: a systematic mapping study
    Gurbuz, Havva Gulay
    Tekinerdogan, Bedir
    SOFTWARE QUALITY JOURNAL, 2018, 26 (04) : 1327 - 1372
  • [50] Model-based testing for software safety: a systematic mapping study
    Havva Gulay Gurbuz
    Bedir Tekinerdogan
    Software Quality Journal, 2018, 26 : 1327 - 1372
12345