{"title":"Security testing and resilience","authors":"A. Cavalli","doi":"10.1109/ICSTW52544.2021.00031","DOIUrl":null,"url":null,"abstract":"Testing techniques are used to check if a given system implementation satisfies its specification or some predefined properties. In the last years an important research activity has taken place concerning the definition of testing techniques for security. Resilience has also become a crucial issue to guarantee the security and robustness of systems. Resilience is the capability of a system to continue to function properly with minimal degradation of performance, despite intrusions and attacks. In this lecture, we will present the main features of security testing and resilience. Regarding security testing, we will focus on model-based security testing, penetration testing and fuzzing testing. Regarding resilience, we will present a formal methodology that is based on three techniques: modelling, diversification and reflection. To implement this methodology, we first developed an approach of resilience that leverages model-level diversity. With this aim, we define a model of the system and derive more robust variants that can replace the first one in case of attack. To avoid manually deriving the variants and to increase the level of diversity, we propose a second complementary approach. The latter approach also consists in having different variants of ones services; but unlike the first, we have a single model and the implementations differ at the language, source code and binaries levels. To conclude we propose a formal Web service testing framework by incorporating these complementary mechanisms in order to take advantage of the benefits provided by each.We present the project H2020 VeriDevOps to illustrate the application of our approaches. The main objective of VeriDevOps is to improve automation to protect and prevent security issues based on: 1) the extraction of security and safety requirements from natural language to obtain a formal description that is validated using model checking; 2) the application of security testing techniques based on penetration testing; 3) the application of security monitoring at runtime to ensure app/system/network supervision at different layers based on the passive capture of traces and AI/ML-based techniques. Root Cause Analysis complements this activity, being focused on identifying the root cause of incidents and providing alerts.","PeriodicalId":441435,"journal":{"name":"ICST Workshops","volume":"16 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ICST Workshops","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICSTW52544.2021.00031","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Testing techniques are used to check if a given system implementation satisfies its specification or some predefined properties. In the last years an important research activity has taken place concerning the definition of testing techniques for security. Resilience has also become a crucial issue to guarantee the security and robustness of systems. Resilience is the capability of a system to continue to function properly with minimal degradation of performance, despite intrusions and attacks. In this lecture, we will present the main features of security testing and resilience. Regarding security testing, we will focus on model-based security testing, penetration testing and fuzzing testing. Regarding resilience, we will present a formal methodology that is based on three techniques: modelling, diversification and reflection. To implement this methodology, we first developed an approach of resilience that leverages model-level diversity. With this aim, we define a model of the system and derive more robust variants that can replace the first one in case of attack. To avoid manually deriving the variants and to increase the level of diversity, we propose a second complementary approach. The latter approach also consists in having different variants of ones services; but unlike the first, we have a single model and the implementations differ at the language, source code and binaries levels. To conclude we propose a formal Web service testing framework by incorporating these complementary mechanisms in order to take advantage of the benefits provided by each.We present the project H2020 VeriDevOps to illustrate the application of our approaches. The main objective of VeriDevOps is to improve automation to protect and prevent security issues based on: 1) the extraction of security and safety requirements from natural language to obtain a formal description that is validated using model checking; 2) the application of security testing techniques based on penetration testing; 3) the application of security monitoring at runtime to ensure app/system/network supervision at different layers based on the passive capture of traces and AI/ML-based techniques. Root Cause Analysis complements this activity, being focused on identifying the root cause of incidents and providing alerts.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
