Model Based Testing with Labelled Transition Systems

Tretmans, Jan

doi:10.1007/978-3-540-78917-8_1

Cited by 290 publications

(438 citation statements)

References 33 publications

Supporting

Mentioning

369

Contrasting

Unclassified

Order By: Relevance

“…The first one is close to the classical ioco implementation relation [5] where an implementation I is correct with respect to a specification S if the output actions executed by I after a sequence of actions is performed are a subset of the ones that can be executed by S. Intuitively, this means that the implementation does not invent actions that the specification did not contemplate. The formal definition of our first implementation relation was presented in [3].…”

Section: Implementation Relations For Uioltssmentioning

confidence: 81%

Specification and Testing of E-Commerce Agents Described by Using UIOLTSs

Pardo¹,

Núñez²,

Ruiz³

2010

Formal Techniques for Distributed Systems

View full text Add to dashboard Cite

show abstract

Section: Implementation Relations For Uioltssmentioning

confidence: 81%

Specification and Testing of E-Commerce Agents Described by Using UIOLTSs

Pardo¹,

Núñez²,

Ruiz³

2010

Formal Techniques for Distributed Systems

View full text Add to dashboard Cite

show abstract

“…In order to find these problems, it is good practice to incorporate some form of formal verification in the development and implementation of security products, see for instance [FL12]. Also, systematic and automated model checking techniques proposed in [Tre08] can help to detect and avoid implementation weaknesses like the privilege escalation in iClass. Alternatively, formalizing the whole design in a theorem prover [Bla01], [JWS11] may reveal additional weaknesses.…”

Section: Resultsmentioning

confidence: 99%

Wirelessly lockpicking a smart card reader

Garcia

Gans

Verdult

2014

Int. J. Inf. Secur.

View full text Add to dashboard Cite

With more than 300 million cards sold, HID iClass is one of the most popular contactless smart cards on the market. It is widely used for access control, secure login and payment systems. The card uses 64-bit keys to provide authenticity and integrity. The cipher and key diversification algorithms used in iClass are proprietary and little information about them is publicly available. In this paper we have reverse engineered all security mechanisms in the card including cipher, authentication protocol and also key diversification algorithms, which we publish in full detail. Furthermore, we have found six critical weaknesses that we exploit in two attacks, one against iClass Standard and one against iClass Elite (a.k.a., iClass High Security). In order to recover a secret card key, the first attack requires one authentication attempt with a legitimate reader and 2 22 queries to a card. This attack has a computational complexity of 2 40 MAC computations. The whole attack can be executed within a day on ordinary hardware. Remarkably, the second attack which is against iClass Elite is significantly faster. It directly recovers the system wide master key from only 15 authentication attempts with a legitimate reader. The computational complexity of this attack is lower than 2 25 MAC computations, which means that it can be fully executed within 5 seconds on an ordinary laptop.

show abstract

“…The following notions are known in the literature: -inclusion conformance [18]: all traces in SPEC must be possible in SUT, -deadlock conformance [10]: for all traces t ∈ Traces(SPEC) and b / ∈ In(t), b must be refused by SUT, and -input/output conformance (IOCO) [25]: for all traces t ∈ Traces(SPEC) and all ι ∈ In(t), the observed output of the SUT must be in Out(t, ι).…”

Section: A Gentle Introduction To Sequence Testing Theorymentioning

confidence: 99%

Monadic Sequence Testing and Explicit Test-Refinements

Brucker

Wolff²

2016

Tests and Proofs

View full text Add to dashboard Cite

We present an abstract framework for sequence testing that is implemented in Isabelle/HOL-TestGen. Our framework is based on the theory of state-exception monads, explicitly modelled in HOL, and can cope with typed input and output, interleaving executions including abort, and synchronisation. The framework is particularly geared towards symbolic execution and has proven effective in several large case-studies involving system models based on large (or infinite) state. On this basis, we rephrase the concept of test-refinements for inclusion, deadlock and IOCO-like tests, together with a formal theory of its relation to traditional, IO-automata based notions.

show abstract

Model Based Testing with Labelled Transition Systems

Cited by 290 publications

References 33 publications

Specification and Testing of E-Commerce Agents Described by Using UIOLTSs

Specification and Testing of E-Commerce Agents Described by Using UIOLTSs

Wirelessly lockpicking a smart card reader

Monadic Sequence Testing and Explicit Test-Refinements

Contact Info

Product

Resources

About