Test Suite Generation from a FSM with a Given Type of Implementation Errors
Proceedings of the IFIP TC6/WG6.1 Twelth International Symposium on Protocol Specification, Testing and Verification XII
FORTEST: Formal Methods and Testing
COMPSAC '02 Proceedings of the 26th International Computer Software and Applications Conference on Prolonging Software Life: Development and Redevelopment
A Formal Approach to Software Testing
AMAST '91 Proceedings of the Second International Conference on Methodology and Software Technology: Algebraic Methodology and Software Technology
Specification-Based Test Generation for Security-Critical Systems Using Mutations
ICFEM '02 Proceedings of the 4th International Conference on Formal Engineering Methods: Formal Methods and Software Engineering
Automated Testing of Security Functions Using a Combined Model and Interface-Driven Approach
HICSS '04 Proceedings of the Proceedings of the 37th Annual Hawaii International Conference on System Sciences (HICSS'04) - Track 9 - Volume 9
TestEra: Specification-Based Testing of Java Programs Using SAT
Automated Software Engineering
Tools for secure systems development with UML
International Journal on Software Tools for Technology Transfer (STTT)
Tools for model-based security engineering: models vs. code
Proceedings of the twenty-second IEEE/ACM international conference on Automated software engineering
Integrating verification, testing, and learning for cryptographic protocols
IFM'07 Proceedings of the 6th international conference on Integrated formal methods
Secure Systems Development with UML
Secure Systems Development with UML
Model based testing of cryptographic protocols
TGC'05 Proceedings of the 1st international conference on Trustworthy global computing
Testing concurrent object-oriented systems with spec explorer
FM'05 Proceedings of the 2005 international conference on Formal Methods
A model-based approach to automated testing of access control policies
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
SETER: Towards Architecture-Model Based Security Engineering
International Journal of Secure Software Engineering
A test-based security certification scheme for web services
ACM Transactions on the Web (TWEB)
Modeling test cases for security protocols with SecureMDD
Computer Networks: The International Journal of Computer and Telecommunications Networking
| Hi-index | 0.00 |
Designing and implementing security-critical systems correctly is very difficult. In practice, most vulnerabilities arise from bugs in implementations. We present work towards systematic specification-based testing of security-critical systems based on UMLsec models. We show how to systematically generate test sequences for security properties based on the model that can be used to test the implementation for vulnerabilities. We explain our method at the example of a part of the Common Electronic Purse Specifications (CEPS), a candidate for an international electronic purse standard.