Specification-Based Test Generation for Security-Critical Systems Using Mutations
ICFEM '02 Proceedings of the 4th International Conference on Formal Engineering Methods: Formal Methods and Software Engineering
KIV 3.0 for Provably Correct Systems
FM-Trends 98 Proceedings of the International Workshop on Current Trends in Applied Formal Method: Applied Formal Methods
A Threat Model Driven Approach for Security Testing
SESS '07 Proceedings of the Third International Workshop on Software Engineering for Secure Systems
A subset of precise UML for model-based testing
Proceedings of the 3rd international workshop on Advances in model-based testing
Model-Based Tests for Access Control Policies
ICST '08 Proceedings of the 2008 International Conference on Software Testing, Verification, and Validation
Model-based Security Testing Using UMLsec
Electronic Notes in Theoretical Computer Science (ENTCS)
Model-Driven Code Generation for Secure Smart Card Applications
ASWEC '09 Proceedings of the 2009 Australian Software Engineering Conference
Model-Checking Driven Security Testing of Web-Based Applications
ICSTW '10 Proceedings of the 2010 Third International Conference on Software Testing, Verification, and Validation Workshops
Secure Systems Development with UML
Secure Systems Development with UML
Security mutants for property-based testing
TAP'11 Proceedings of the 5th international conference on Tests and proofs
Formal verification of QVT transformations for code generation
Proceedings of the 14th international conference on Model driven engineering languages and systems
Model-Based Security Verification and Testing for Smart-cards
ARES '11 Proceedings of the 2011 Sixth International Conference on Availability, Reliability and Security
A model-based attack injection approach for security validation
Proceedings of the 4th international conference on Security of information and networks
Formal verification of application-specific security properties in a model-driven approach
ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
ASLan++ -- a formal security specification language for distributed systems
FMCO'10 Proceedings of the 9th international conference on Formal Methods for Components and Objects
On the security of public key protocols
IEEE Transactions on Information Theory
Behavioral fuzzing operators for UML sequence diagrams
SAM'12 Proceedings of the 7th international conference on System Analysis and Modeling: theory and practice
| Hi-index | 0.00 |
Designing and executing test cases for security-critical protocols is a technically complicated and tedious process. SecureMDD is a model-driven approach that enables development of security-critical applications based on cryptographic protocols. In this paper we introduce a method which combines the model-driven approach used in SecureMDD with the design of functional and security tests. We construct and evaluate new modeling guidelines that allow the modeler to easily define such test cases during the modeling stage. We also implement model transformation routines to generate runnable tests for actual implementation of applications developed with SecureMDD.