35,933 research outputs found
Model-Based Security Testing
Security testing aims at validating software system requirements related to
security properties like confidentiality, integrity, authentication,
authorization, availability, and non-repudiation. Although security testing
techniques are available for many years, there has been little approaches that
allow for specification of test cases at a higher level of abstraction, for
enabling guidance on test identification and specification as well as for
automated test generation.
Model-based security testing (MBST) is a relatively new field and especially
dedicated to the systematic and efficient specification and documentation of
security test objectives, security test cases and test suites, as well as to
their automated or semi-automated generation. In particular, the combination of
security modelling and test generation approaches is still a challenge in
research and of high interest for industrial applications. MBST includes e.g.
security functional testing, model-based fuzzing, risk- and threat-oriented
testing, and the usage of security test patterns. This paper provides a survey
on MBST techniques and the related models as well as samples of new methods and
tools that are under development in the European ITEA2-project DIAMONDS.Comment: In Proceedings MBT 2012, arXiv:1202.582
Automatic Test Generation for Space
The European Space Agency (ESA) uses an engine to perform tests in the Ground
Segment infrastructure, specially the Operational Simulator. This engine uses
many different tools to ensure the development of regression testing
infrastructure and these tests perform black-box testing to the C++ simulator
implementation. VST (VisionSpace Technologies) is one of the companies that
provides these services to ESA and they need a tool to infer automatically
tests from the existing C++ code, instead of writing manually scripts to
perform tests. With this motivation in mind, this paper explores automatic
testing approaches and tools in order to propose a system that satisfies VST
needs
The formal, tool supported development of real time systems
The language SDL has long been applied in the development of various kinds of systems. Real-time systems are one application area where SDL has been applied extensively. Whilst SDL allows for certain modelling aspects of real-time systems to be represented, the language and its associated tool support have certain drawbacks for modelling and reasoning about such systems. In this paper we highlight the limitations of SDL and its associated tool support in this domain and present language extensions and next generation real-time system tool support to help overcome them. The applicability of the extensions and tools is demonstrated through a case study based upon a multimedia binding object used to support a configuration of time dependent information producers and consumers realising the so called lip-synchronisation algorithm
Challenges for the comprehensive management of cloud services in a PaaS framework
The 4CaaSt project aims at developing a PaaS framework that enables flexible definition, marketing, deployment and management of Cloud-based services and applications. The major innovations proposed by 4CaaSt are the blueprint and its lifecycle management, a one stop shop for Cloud services and a PaaS level resource management featuring elasticity. 4CaaSt also provides a portfolio of ready to use Cloud native services and Cloud-aware immigrant technologies
Towards Statistical Prioritization for Software Product Lines Testing
Software Product Lines (SPL) are inherently difficult to test due to the
combinatorial explosion of the number of products to consider. To reduce the
number of products to test, sampling techniques such as combinatorial
interaction testing have been proposed. They usually start from a feature model
and apply a coverage criterion (e.g. pairwise feature interaction or
dissimilarity) to generate tractable, fault-finding, lists of configurations to
be tested. Prioritization can also be used to sort/generate such lists,
optimizing coverage criteria or weights assigned to features. However, current
sampling/prioritization techniques barely take product behavior into account.
We explore how ideas of statistical testing, based on a usage model (a Markov
chain), can be used to extract configurations of interest according to the
likelihood of their executions. These executions are gathered in featured
transition systems, compact representation of SPL behavior. We discuss possible
scenarios and give a prioritization procedure illustrated on an example.Comment: Extended version published at VaMoS '14
(http://dx.doi.org/10.1145/2556624.2556635
- âŠ