Security policy specification and testing are two fundamental challenges in the development of secure communication systems, since they can ensure that a security policy is correctly enforced. Model checking techniques can be used for this task. Given a system model and a test criterion, the model checker can generate a counterexample from which test cases can be deduced. To address these challenges, we propose in this paper a framework to specify a security policy and to test its implementation. This framework is characterized as follows: (1) the security policy enforcement is specified through a new modeling language, SPromela, (2) the test criteria are expressed in the temporal logic LTL, and (3) the test cases are generated by a classical model checking technique.
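The counterexample-to-test-case step described above, as an added example that is not code from the paper: a small explicit-state checker in plain Python (not SPromela) that verifies a trap property of the form G ¬goal and returns the shortest violating trace as the test sequence. The session model, action names and test criteria are constructed for illustration, and only this safety form of LTL is handled.

```python
from collections import deque

# Constructed toy model (assumption, not SPromela):
# state = (authenticated, session_open, data_sent)
INIT = (False, False, False)

def transitions(state):
    """Yield (action, next_state) pairs that the enforced policy permits."""
    auth, sess, sent = state
    if not auth:
        yield "login", (True, sess, sent)
    if auth and not sess:
        yield "open_session", (auth, True, sent)   # open only when authenticated
        yield "logout", (False, sess, sent)        # logout only with no open session
    if sess:
        yield "send", (auth, sess, True)           # send only inside a session
        yield "close_session", (auth, False, sent)

def counterexample(init, step, goal):
    """Check the trap property G !goal by breadth-first search.
    Returns the shortest action trace reaching a goal state (the test case),
    or None when the property holds on every reachable state."""
    parent = {init: None}
    queue = deque([init])
    while queue:
        state = queue.popleft()
        if goal(state):
            trace = []
            while parent[state] is not None:
                state, action = parent[state]
                trace.append(action)
            return trace[::-1]
        for action, nxt in step(state):
            if nxt not in parent:
                parent[nxt] = (state, action)
                queue.append(nxt)
    return None

def generate_tests():
    """One trap property per test criterion; each counterexample is a test."""
    criteria = {
        "data_sent": lambda s: s[2],
        "logout_after_send": lambda s: s[2] and not s[0],
        "session_without_auth": lambda s: s[1] and not s[0],
    }
    return {name: counterexample(INIT, transitions, goal)
            for name, goal in criteria.items()}

if __name__ == "__main__":
    for name, trace in generate_tests().items():
        print(name, "->", trace)
```

A `None` result means the model never reaches that state, so the criterion yields no positive test; the implementation can instead be probed to confirm it rejects any attempt to reach it.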