Model-Based Security Testing

Security testing aims at validating software system requirements related to security properties like confidentiality, integrity, authentication, authorization, availability, and non-repudiation. Although security testing techniques are available for many years, there has been little approaches that allow for specification of test cases at a higher level of abstraction, for enabling guidance on test identification and specification as well as for automated test generation. Model-based security testing (MBST) is a relatively new field and especially dedicated to the systematic and efficient specification and documentation of security test objectives, security test cases and test suites, as well as to their automated or semi-automated generation. In particular, the combination of security modelling and test generation approaches is still a challenge in research and of high interest for industrial applications. MBST includes e.g. security functional testing, model-based fuzzing, risk- and threat-oriented testing, and the usage of security test patterns. This paper provides a survey on MBST techniques and the related models as well as samples of new methods and tools that are under development in the European ITEA2-project DIAMONDS.Comment: In Proceedings MBT 2012, arXiv:1202.582

A Testability Analysis Framework for Non-Functional Properties

This paper presents background, the basic steps and an example for a testability analysis framework for non-functional properties

Is the Stack Distance Between Test Case and Method Correlated With Test Effectiveness?

Mutation testing is a means to assess the effectiveness of a test suite and its outcome is considered more meaningful than code coverage metrics. However, despite several optimizations, mutation testing requires a significant computational effort and has not been widely adopted in industry. Therefore, we study in this paper whether test effectiveness can be approximated using a more light-weight approach. We hypothesize that a test case is more likely to detect faults in methods that are close to the test case on the call stack than in methods that the test case accesses indirectly through many other methods. Based on this hypothesis, we propose the minimal stack distance between test case and method as a new test measure, which expresses how close any test case comes to a given method, and study its correlation with test effectiveness. We conducted an empirical study with 21 open-source projects, which comprise in total 1.8 million LOC, and show that a correlation exists between stack distance and test effectiveness. The correlation reaches a strength up to 0.58. We further show that a classifier using the minimal stack distance along with additional easily computable measures can predict the mutation testing result of a method with 92.9% precision and 93.4% recall. Hence, such a classifier can be taken into consideration as a light-weight alternative to mutation testing or as a preceding, less costly step to that.Comment: EASE 201

Hybridation of Bayesian networks and evolutionary algorithms for multi-objective optimization in an integrated product design and project management context

A better integration of preliminary product design and project management processes at early steps of system design is nowadays a key industrial issue. Therefore, the aim is to make firms evolve from classical sequential approach (first product design the project design and management) to new integrated approaches. In this paper, a model for integrated product/project optimization is first proposed which allows taking into account simultaneously decisions coming from the product and project managers. However, the resulting model has an important underlying complexity, and a multi-objective optimization technique is required to provide managers with appropriate scenarios in a reasonable amount of time. The proposed approach is based on an original evolutionary algorithm called evolutionary algorithm oriented by knowledge (EAOK). This algorithm is based on the interaction between an adapted evolutionary algorithm and a model of knowledge (MoK) used for giving relevant orientations during the search process. The evolutionary operators of the EA are modified in order to take into account these orientations. The MoK is based on the Bayesian Network formalism and is built both from expert knowledge and from individuals generated by the EA. A learning process permits to update probabilities of the BN from a set of selected individuals. At each cycle of the EA, probabilities contained into the MoK are used to give some bias to the new evolutionary operators. This method ensures both a faster and effective optimization, but it also provides the decision maker with a graphic and interactive model of knowledge linked to the studied project. An experimental platform has been developed to experiment the algorithm and a large campaign of tests permits to compare different strategies as well as the benefits of this novel approach in comparison with a classical EA

Optimal design of batch plants under economic and ecological considerations: Application to a biochemical batch plant

This work deals with the multicriteria cost-environment design of multiproduct batch plants, where the design variables are the equipment item sizes as well as the operating conditions. The case study is a multiproduct batch plant for the production of four recombinant proteins. Given the important combinatorial aspect of the problem, the approach used consists in coupling a stochastic algorithm, indeed a Genetic Algorithm (GA) with a Discrete Event Simulator (DES). To take into account the conflicting situations that may be encountered at the earliest stage of batch plant design, i.e. compromise situations between cost and environmental considerations, a Multicriteria Genetic Algorithm (MUGA) was developed with a Pareto optimal ranking method. The results show how the methodology can be used to find a range of trade-off solutions for optimizing batch plant design

Ecodesign of Batch Processes: Optimal Design Strategies for Economic and Ecological Bioprocesses

This work deals with the multicriteria cost-environment design of multiproduct batch plants, where the design variables are the equipment item sizes as well as the operating conditions. The case study is a multiproduct batch plant for the production of four recombinant proteins. Given the important combinatorial aspect of the problem, the approach used consists in coupling a stochastic algorithm, indeed a Genetic Algorithm (GA) with a Discrete Event Simulator (DES). To take into account the conflicting situations that may be encountered at the earliest stage of batch plant design, i.e. compromise situations between cost and environmental consideration, a Multicriteria Genetic Algorithm (MUGA) was developed with a Pareto optimal ranking method. The results show how the methodology can be used to find a range of trade-off solutions for optimizing batch plant design