Test generation and execution for security rules in temporal logic

Test generation and execution for security rules in temporal logic

We propose an approach to generate and execute tests of the conformance of a system to a given security policy. The method is rule-based: it generates test cases directly from a security policy expressed as a set of security requirements, using two relations: one between predicates appearing in the...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Darmaillacq, V., Richier, J.-L., Groz, R.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Control systems
Educational institutions
Formal specifications
Interconnected systems
Intrusion detection
Logic testing
Performance evaluation
Security
System testing
Tiles
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:We propose an approach to generate and execute tests of the conformance of a system to a given security policy. The method is rule-based: it generates test cases directly from a security policy expressed as a set of security requirements, using two relations: one between predicates appearing in the rules and elementary test cases, called tiles, used to test predicates in the system, and another one between logical operators and test case combinators. The proposed method is semi-automatic, and takes into account all the steps necessary to execute the test cases, from the formalization of security requirements to the execution of test cases on a real system. We describe the implementation of the method we developed and a first series of experiments taking advantage of this implementation.
DOI:10.1109/ICSTW.2008.41