Model Based Testing for Real: The Inhouse Card Case Study

We describe the modeling concepts of the CASE tool AutoFocus as well as our Constraint Logic Programming based approach to model-based test case generation along the lines of an inhouse smart card case study. Besides testing the model itself, we used the generated test cases to validate the respective properties in the actual hardware

Model-Based Test Case Generation for Smart Cards

Testing denotes a set of activities that aim at discovering discrepancies between actual and intended behaviors of a system. Often, the intended behavior is known only implicitly, which renders the process of testing unstructured, unmotivated in its details, and barely reproducible. The use of explicit and executable models to describe the intended behavior promises to solve these problems. We use an industrial case study---a smart card application---to present a method for automatically generating test cases from such explicit models. The test cases are used both to validate the model and verify the actual card

A Design Structure for Higher Order Quotients

Abstract. The quotient operation is a standard feature of set theory, where a set is partitioned into subsets by an equivalence relation. We reinterpret this idea for higher order logic, where types are divided by an equivalence relation to create new types, called quotient types. We present a design to mechanically construct quotient types as new types in the logic, and to support the automatic lifting of constants and theorems about the original types to corresponding constants and theorems about the quotient types. This design exceeds the functionality of Harrison’s package, creating quotients of multiple mutually recursive types simultaneously, and supporting the equivalence of aggregate types, such as lists and pairs. Most importantly, this design supports the creation of higher order quotients, which enable the automatic lifting of theorems with quantification over functions of any higher order.

Modelling and Verification of Layered Security Protocols: A Bank Application

Designing security-critical systems correctly is very diffcult and there are many examples of weaknesses arising in practice. A particular challenge lies in the development of layered security protocols motivated by the need to combine existing or specifically designed protocols that each enforce a particular security requirement. Although appealing from a practical point of view, this approach raises the difficult question of the security properties guaranteed by the combined layered protocols, as opposed to each protocol in isolation. In this work, we apply a method for facilitating the development of trustworthy security-critical systems using the computer-aided systems engineering tool AutoFocus to the particular problem of layered security protocols. We explain our method at the example of a banking application which is currently under development by a major German bank and is about to be put to commercial use