Model-based security testing: a taxonomy and systematic classification

Felderer, Michael; Zech, Philipp; Breu, Ruth; Büchler, Matthias; Pretschner, Alexander

doi:10.1002/stvr.1580

Cited by 77 publications

(55 citation statements)

References 140 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Also, a general understanding of the return of investment of model-based security testing approaches, which has already been highlighted as a challenge in [17], would help to apply such approaches efficiently. The issue of efficiently applying model-based testing approaches becomes even more critical when agile teams develop systems where the connection between safety and security is essential as in modern Internet-of-Things applications.…”

Section: Recommendations For Researchmentioning

confidence: 99%

How is Security Testing Done in Agile Teams? A Cross-Case Analysis of Four Software Teams

Cruzes

Felderer

Oyetoyan

et al. 2017

Lecture Notes in Business Information Processing

Self Cite

View full text Add to dashboard Cite

Abstract. Security testing can broadly be described as (1) the testing of security requirements that concerns confidentiality, integrity, availability, authentication, authorization, nonrepudiation and (2) the testing of the software to validate how much it can withstand an attack. Agile testing involves immediately integrating changes into the main system, continuously testing all changes and updating test cases to be able to run a regression test at any time to verify that changes have not broken existing functionality. Software companies have a challenge to systematically apply security testing in their processes nowadays. There is a lack of guidelines in practice as well as empirical studies in real-world projects on agile security testing; industry in general needs a more systematic approach to security. The findings of this research are not surprising, but at the same time are alarming. The lack of knowledge on security by agile teams in general, the large dependency on incidental pen-testers, and the ignorance in static testing for security are indicators that security testing is highly under addressed and that more efforts should be addressed to security testing in agile teams.

show abstract

Section: Recommendations For Researchmentioning

confidence: 99%

How is Security Testing Done in Agile Teams? A Cross-Case Analysis of Four Software Teams

Cruzes

Felderer

Oyetoyan

et al. 2017

Lecture Notes in Business Information Processing

Self Cite

View full text Add to dashboard Cite

show abstract

“…However, its current version (OASIS 2014) does not support the specification of SSoD and DSoD constraints. Moreover, since the effectiveness of test criteria is strongly related to its ability to represent specific domain faults (Felderer et al 2015), there is no guarantee that similarity testing can be as effective on RBAC as they were on XACML and LTS.…”

Section: Similarity Testingmentioning

confidence: 99%

“…This concept has been investigated under MBT (Cartaxo et al 2011), access control testing (Bertolino et al 2015) and software product line (SPL) testing (Henard et al 2014) domains, but it has never been applied to RBAC. Moreover, since the fault detection effectiveness of test criteria are strongly related to its ability to represent faults of specific domains (Felderer et al 2015), similarity testing may not be necessarily effective on RBAC domain.…”

mentioning

confidence: 99%

Similarity testing for role-based access control systems

Damasceno

Masiero

Simão

2018

J Softw Eng Res Dev

View full text Add to dashboard Cite

Context: Access control systems demand rigorous verification and validation approaches, otherwise, they can end up with security breaches. Finite state machines based testing has been successfully applied to RBAC systems and enabled to obtain effective test cases, but very expensive. To deal with the cost of these test suites, test prioritization techniques can be applied to improve fault detection along test execution. Recent studies have shown that similarity functions can be very efficient at prioritizing test cases. This technique is named similarity testing and assumes the hypothesis that resembling test cases tend to have similar fault detection capabilities. Thus, there is no gain from similar test cases, and fault detection ratio can be improved if test diversity increases. Objective: In this paper, we propose a similarity testing approach for RBAC systems named RBAC similarity and compare to simple dissimilarity and random prioritization. RBAC similarity combines the dissimilarity degree of pairs of test cases with their relevance to the RBAC policy under test to maximize test diversity and the coverage of its constraints. Method: Five RBAC policies and fifteen test suites were prioritized using each of the three test prioritization techniques and compared using the Average Percentage Faults Detected metric. Results: Our results showed that the combination of the dissimilarity degree to the relevance of a test case to RBAC policies in the RBAC similarity can be more effective than random prioritization and simple dissimilarity, by itself, in most of the cases. Conclusion: The RBAC similarity criterion is suitable as a test prioritization criteria for test suites generated from finite state machine models specifying RBAC systems.

show abstract

“…, X n } is a set of variables. 5 Further, C = E, A, AP, G, T , with disjoint sets of symbols, where E is a set of exploits, A is a set of attacks AP is a set of attack patterns, G is a set of attack goals, and T is a set of types. 6 The predicates described by set F are functions over C with…”

Section: Definition 2 (Extensional Database)mentioning

confidence: 99%

“…Resulting model-based security testing (MBST) approaches [5] thus immediately benefit from MBT in various aspects, e.g., a high degree of automation, potential early detection of software bugs already at the design level, and high coverage of the SUT by the resulting high quality test cases [6]. A crucial role in MBST is occupied by various kinds of security models, i.e., threat, fault and risk models, and weakness and vulnerability models.…”

Section: Introductionmentioning

confidence: 99%

Knowledge-based security testing of web applications by logic programming

Zech

Felderer

Breu

2017

Int J Softw Tools Technol Transfer

Self Cite

View full text Add to dashboard Cite

This article introduces a new method for knowledge-based security testing by logic programming and the related tool implementation for model-based nonfunctional security testing of web applications. Our method helps to overcome the current prevalent focus on functional instead of non-functional (or negative) requirements as well as the required high level of security knowledge when performing non-functional security testing. It addresses issues like considering non-functional requirements for testing, managing the virtually infinite amount of negative security test cases, advancing non-functional security testing away from its prevalent penetration testing-like style, and making non-functional security testing feasible for testers that are not experts in security via a security knowledge base. The method and its model-based tool implementation are evaluated in two studies, which show the method's effectiveness in detecting vulnerabilities in web applications and thus, also its value in making software system more secure.

show abstract

Model-based security testing: a taxonomy and systematic classification

Cited by 77 publications

References 140 publications

How is Security Testing Done in Agile Teams? A Cross-Case Analysis of Four Software Teams

How is Security Testing Done in Agile Teams? A Cross-Case Analysis of Four Software Teams

Similarity testing for role-based access control systems

Knowledge-based security testing of web applications by logic programming

Contact Info

Product

Resources

About