Robustness testing oracle using a sequence alignment algorithm
Proceedings of the First International Workshop on Software Test Output Validation
A model-based attack injection approach for security validation
Proceedings of the 4th international conference on Security of information and networks
| Hi-index | 0.00 |
Robustness testing has as main objective to determine how a system behaves in the presence of unexpected inputs or stressful environmental conditions. An approach commonly used for that purpose is fault injection, in which faults are deliberately injected into a system to observe its behavior. One main limitation of this approach is results evaluation: a system is considered as robust if it does not crash or hang during testing. This is not enough because a system can still continue to execute, but present a wrong behavior. To overcome this limitation, we propose a passive approach for robustness testing, in which the system under test is instrumented for fault injection during runtime, as well as for monitoring its behavior. At the end, the readouts collected are analyzed to determine whether the observed behavior under faults is consistent with properties based on a finite state model of the system. We illustrate the approach using an implementation of the Wireless Application Protocol (WAP). The approach was implemented using off the shelf tools; results obtained thus far are presented. Keywords: protocol testing fault injection passive testing formal model