Model-based Approach to Security Test Automation
@inproceedings{Blackburn2001ModelbasedAT, title={Model-based Approach to Security Test Automation}, author={Mark R. Blackburn and Robert Busser and Aaron Nauman and R. Chandramouli}, year={2001} }
Security functional testing is a costly activity typically performed by security evaluation laboratories. These laboratories have struggled to keep pace with increasing demand to test numerous product variations. This paper summarizes the results of applying a model-based approach to automate functional security testing. The approach involves developing models of security requirements as the basis for automatic test vector and test driver generation. In the application, security properties were… CONTINUE READING
41 Citations
A Security Assurance Framework Combining Formal Verification and Security Functional Testing
- Computer Science
- 2012 12th International Conference on Quality Software
- 2012
- 3
Towards Model-Based Automatic Testing of Attack Scenarios
- Engineering, Computer Science
- SAFECOMP
- 2009
- 13
Knowledge-based security testing of web applications by logic programming
- Computer Science
- International Journal on Software Tools for Technology Transfer
- 2017
- 6
- PDF
Automated Security Test Generation with Formal Threat Models
- Computer Science
- IEEE Transactions on Dependable and Secure Computing
- 2012
- 87
- PDF
Security Attack Testing (SAT) - testing the security of information systems at design time
- Computer Science
- Inf. Syst.
- 2007
- 58
- PDF
A threat model‐based approach to security testing
- Engineering, Computer Science
- Softw. Pract. Exp.
- 2013
- 41
- PDF
References
SHOWING 1-10 OF 19 REFERENCES
Using models for test generation and analysis
- Computer Science
- 17th DASC. AIAA/IEEE/SAE. Digital Avionics Systems Conference. Proceedings (Cat. No.98CH36267)
- 1998
- 25
- PDF
T-VEC: a tool for developing critical systems
- Engineering
- Proceedings of 11th Annual Conference on Computer Assurance. COMPASS '96
- 1996
- 40
- PDF
Automatic generation of test vectors for SCR-style specifications
- Computer Science
- Proceedings of COMPASS '97: 12th Annual Conference on Computer Assurance
- 1997
- 50
- PDF
A Domain Strategy for Computer Program Testing
- Computer Science
- IEEE Transactions on Software Engineering
- 1980
- 385
Oracle Corporation, Oracle8 Security Target Release 8
- Oracle Corporation, Oracle8 Security Target Release 8
- 2000
Test Automation Framework, State-based and Signal Flow Examples
- Twelfth Annual Software Technology Conference
- 2000
Test Automation Framework, State-based and Signal Flow Examples
- Twelfth Annual Software Technology Conference
- 2000
Twelfth Annual Software Technology Conference
- 30 April - 5 May
- 2000
Twelfth Annual Software Technology Conference
- 30 April - 5 May
- 2000