Corpus ID: 16803955

Model-based Approach to Security Test Automation

@inproceedings{Blackburn2001ModelbasedAT,
  title={Model-based Approach to Security Test Automation},
  author={Mark R. Blackburn and Robert Busser and Aaron Nauman and R. Chandramouli},
  year={2001}
}
  • Mark R. Blackburn, Robert Busser, +1 author R. Chandramouli
  • Published 2001
  • Engineering
  • Security functional testing is a costly activity typically performed by security evaluation laboratories. These laboratories have struggled to keep pace with increasing demand to test numerous product variations. This paper summarizes the results of applying a model-based approach to automate functional security testing. The approach involves developing models of security requirements as the basis for automatic test vector and test driver generation. In the application, security properties were… CONTINUE READING
    41 Citations

    Figures and Tables from this paper

    Model-Based Security Testing
    • 69
    • PDF
    A Security Assurance Framework Combining Formal Verification and Security Functional Testing
    • Weiguang Wang, Qingkai Zeng, A. Mathur
    • Computer Science
    • 2012 12th International Conference on Quality Software
    • 2012
    • 3
    Towards Model-Based Automatic Testing of Attack Scenarios
    • 13
    Knowledge-based security testing of web applications by logic programming
    • 6
    • PDF
    Automated Security Test Generation with Formal Threat Models
    • 87
    • PDF
    Security Attack Testing (SAT) - testing the security of information systems at design time
    • 58
    • PDF
    A threat model‐based approach to security testing
    • 41
    • PDF

    References

    SHOWING 1-10 OF 19 REFERENCES
    Using models for test generation and analysis
    • M. Blackburn
    • Computer Science
    • 17th DASC. AIAA/IEEE/SAE. Digital Avionics Systems Conference. Proceedings (Cat. No.98CH36267)
    • 1998
    • 25
    • PDF
    T-VEC: a tool for developing critical systems
    • 40
    • PDF
    Automated consistency checking of requirements specifications
    • 647
    • PDF
    Automatic generation of test vectors for SCR-style specifications
    • 50
    • PDF
    A Domain Strategy for Computer Program Testing
    • 385
    Oracle Corporation, Oracle8 Security Target Release 8
    • Oracle Corporation, Oracle8 Security Target Release 8
    • 2000
    Test Automation Framework, State-based and Signal Flow Examples
    • Twelfth Annual Software Technology Conference
    • 2000
    Test Automation Framework, State-based and Signal Flow Examples
    • Twelfth Annual Software Technology Conference
    • 2000
    Twelfth Annual Software Technology Conference
    • 30 April - 5 May
    • 2000
    Twelfth Annual Software Technology Conference
    • 30 April - 5 May
    • 2000