Article ID | Journal | Published Year | Pages | File Type |
---|---|---|---|---|
423577 | Electronic Notes in Theoretical Computer Science | 2008 | 12 Pages |
Abstract
Designing and implementing security-critical systems correctly is very difficult. In practice, most vulnerabilities arise from bugs in implementations. We present work towards systematic specification-based testing of security-critical systems based on UMLsec models. We show how to systematically generate test sequences for security properties based on the model that can be used to test the implementation for vulnerabilities. We explain our method at the example of a part of the Common Electronic Purse Specifications (CEPS), a candidate for an international electronic purse standard.
Related Topics
Physical Sciences and Engineering
Computer Science
Computational Theory and Mathematics