Model-based Security Testing Using UMLsec A Case Study

被引:29
|
作者
Juerjens, Jan [1 ]
机构
[1] Open Univ, Comp Dept, Milton Keynes, Bucks, England
来源
ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE | 2008年 / 220卷 / 01期
关键词
Model-based Testing; UML; Security; UMLsec;
D O I
10.1016/j.entcs.2008.11.008
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Designing and implementing security-critical systems correctly is very difficult. In practice, most vulnerabilities arise from bugs in implementations. We present work towards systematic specification-based testing of security-critical systems based on UMLsec models. We show how to systematically generate test sequences for security properties based on the model that can be used to test the implementation for vulnerabilities. We explain our method at the example of a part of the Common Electronic Purse Specifications (CEPS), a candidate for an international electronic purse standard.
引用
收藏
页码:93 / 104
页数:12
相关论文
共 50 条
  • [31] Automating Test Case Generation for Android Applications using Model-based Testing
    Khan, Usman Habib
    Khan, Muhammad Naeem Ahmed
    Mirza, Aamir Mehmood
    Akram, Muhammad
    Fakhar, Shariqa
    Hussain, Shumaila
    Magsi, Irfan Ahmed
    Wagan, Raja Asif
    EMITTER-INTERNATIONAL JOURNAL OF ENGINEERING TECHNOLOGY, 2022, 10 (01) : 63 - 82
  • [32] Model-based integration testing of ROS packages: a mobile robot case study
    Ernits, Juhan
    Halling, Evelin
    Kanter, Gert
    Vain, Juri
    2015 EUROPEAN CONFERENCE ON MOBILE ROBOTS (ECMR), 2015,
  • [33] Applying model-based testing to HTML']HTML rendering engines -: A case study
    Calame, Jens R.
    van de Pol, Jaco
    TESTING OF SOFTWARE AND COMMUNICATING SYSTEMS, PROCEEDINGS, 2008, 5047 : 250 - +
  • [34] Complementary test selection criteria for model-based testing of security components
    Julien Botella
    Jean-François Capuron
    Frédéric Dadeau
    Elizabeta Fourneret
    Bruno Legeard
    Florence Schadle
    International Journal on Software Tools for Technology Transfer, 2019, 21 : 425 - 448
  • [35] Complementary test selection criteria for model-based testing of security components
    Botella, Julien
    Capuron, Jean-Francois
    Dadeau, Frederic
    Fourneret, Elizabeta
    Legeard, Bruno
    Schadle, Florence
    INTERNATIONAL JOURNAL ON SOFTWARE TOOLS FOR TECHNOLOGY TRANSFER, 2019, 21 (04) : 425 - 448
  • [36] Model-Based Testing
    Schieferdecker, Ina
    IEEE SOFTWARE, 2012, 29 (01) : 14 - 18
  • [37] Model-based testing
    Le Traon, Yves
    Xie, Tao
    SOFTWARE TESTING VERIFICATION & RELIABILITY, 2023, 33 (02):
  • [38] Model-based testing
    Pretschner, A
    ICSE 05: 27th International Conference on Software Engineering, Proceedings, 2005, : 722 - 723
  • [39] Study on Model-Based Security Assessment of Information Systems
    Li, Xiangdong
    Han, Xinchao
    Zheng, Qiusheng
    COMPUTING AND INTELLIGENT SYSTEMS, PT III, 2011, 233 : 401 - 406
  • [40] Study on Model-based Security Assessment of Information Systems
    Li, Xiangdong
    Han, Xinchao
    Zheng, Qiusheng
    2010 SECOND INTERNATIONAL CONFERENCE ON E-LEARNING, E-BUSINESS, ENTERPRISE INFORMATION SYSTEMS, AND E-GOVERNMENT (EEEE 2010), VOL I, 2010, : 289 - 292
12345