Abstract. Checking that a security policy has been correctly deployed over a network is a key issue for system administrators. Although this is a kind of conformance testing, there are a number of significant differences with the framework of such standards as IS9646. We propose a method to derive tests from a policy expressed as a set of rules, with a single modality. For each element of our language and each type of rule, we propose a pattern of test, which we call a tile. We then combine those tiles into a test for the whole rule.