Title :
Protocol Security Testing with SPIN and TTCN-3
Author :
Zhou, Li ; Yin, Xia ; Wang, Zhiliang
Author_Institution :
Tsinghua Nat. Lab. for Inf. Sci. & Technol., Beijing, China
Abstract :
Protocol security testing is an important technique to ensure the security of communication protocols. However, methods considering both effective detection to specification vulnerabilities and efficient testing on protocol implementations are not well developed. In this paper, we present a general method for protocol security testing including protocol verification with SPIN model checker and protocol testing with formal testing language TTCN-3. We use threat model to model malicious entities and import the classification of information security to achieve a complete analysis of security requirements for protocol verification. We also develop a SPIN Trail to TTCN-3(st2ttcn) conversion tool to generate test cases automatically from counter examples obtained from model checking. As a case study, we apply our approach to the security testing of Source Address Validation Improvements (SAVI) protocol. We test two versions of SAVI-DHCP protocol. Security vulnerabilities have been found and tested in corresponding implementations.
Keywords :
formal specification; program testing; programming languages; protocols; security of data; SAVI-DHCP protocol; SPIN model checker; TTCN-3; automatic test case generation; communication protocol; formal testing language; information security; malicious entity model; protocol security testing; protocol verification; security requirement; security vulnerability; source address validation improvement; specification vulnerability; testing and test control notation; threat model; Analytical models; IP networks; Protocols; Radiation detectors; Security; Switches; Testing; TTCN-3; model checking; protocol security testing;
Conference_Titel :
Software Testing, Verification and Validation Workshops (ICSTW), 2011 IEEE Fourth International Conference on
Conference_Location :
Berlin
Print_ISBN :
978-1-4577-0019-4
Electronic_ISBN :
978-0-7695-4345-1
DOI :
10.1109/ICSTW.2011.18