{"title":"Formally testing fail-safety of electronic purse protocols","authors":"J. Jürjens, Guido Wimmel","doi":"10.1109/ASE.2001.989840","DOIUrl":null,"url":null,"abstract":"Designing and implementing security-critical systems correctly is difficult. In practice, most vulnerabilities arise from bugs in implementations. We present work towards systematic specification-based testing of security-critical systems using the CASE tool AutoFocus. Cryptographic systems are formally specified with state transition diagrams, a notation for state machines in the AutoFocus system., We show how to systematically generate test sequences for security properties based on the model that can be used to test the implementation for vulnerabilities. In particular we focus on the principle of fail-safety. We explain our method at the example of a part of the Common Electronic Purse Specifications (CEPS). Most commonly, attacks address vulnerabilities in the way security mechanisms are used, rather than the mechanisms themselves. Being able to treat security aspects with a general CASE tool within the context of system development enables detection of such vulnerabilities.","PeriodicalId":433615,"journal":{"name":"Proceedings 16th Annual International Conference on Automated Software Engineering (ASE 2001)","volume":"49 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2001-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"39","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings 16th Annual International Conference on Automated Software Engineering (ASE 2001)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ASE.2001.989840","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 39
Abstract
Designing and implementing security-critical systems correctly is difficult. In practice, most vulnerabilities arise from bugs in implementations. We present work towards systematic specification-based testing of security-critical systems using the CASE tool AutoFocus. Cryptographic systems are formally specified with state transition diagrams, a notation for state machines in the AutoFocus system., We show how to systematically generate test sequences for security properties based on the model that can be used to test the implementation for vulnerabilities. In particular we focus on the principle of fail-safety. We explain our method at the example of a part of the Common Electronic Purse Specifications (CEPS). Most commonly, attacks address vulnerabilities in the way security mechanisms are used, rather than the mechanisms themselves. Being able to treat security aspects with a general CASE tool within the context of system development enables detection of such vulnerabilities.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
