DocumentCode
625562
Title
Security Testing with Fault-Models and Properties
Author
Buchler, Marco
Author_Institution
Tech. Univ. Munchen, Munich, Germany
fYear
2013
fDate
18-22 March 2013
Firstpage
501
Lastpage
502
Abstract
Web applications are complex and face a massive amount of sophisticated attacks. Since manually testing web applications for security issues is hard and time-consuming, automated testing is preferable. In model-based testing, test cases are often generated using structural criteria. Since such test cases do not directly target security properties, this Ph.D. thesis proposes to use a fault model for generating tests for web applications. Faults are represented as known source code vulnerabilities that, by using respective mutation operators at the model level, are injected into models of a System Under Validation to generate “interesting” test cases. To achieve this, advantages of penetration testing are combined with model-checkers dedicated to security analysis. To find attacks on real systems, the gap between an abstract attack trace output by a model-checker and a penetration test needs to be addressed. This Ph.D. thesis contributes a semi-automatic methodology to turn abstract attack traces operational.
Keywords
Internet; formal verification; program testing; security of data; Web applications; abstract attack; automated testing; fault model; model-based testing; model-checkers; penetration testing; respective mutation operators; security issues; security testing; semi-automatic methodology; source code vulnerabilities; structural criteria; test cases; Abstracts; Mechanical factors; Model checking; Security; Semantics; Syntactics; security testing; property based testing; mutation testing; model checking; semi-automatic test execution;
fLanguage
English
Publisher
IEEE
Conference_Titel
Software Testing, Verification and Validation (ICST), 2013 IEEE Sixth International Conference on
Conference_Location
Luxembourg
Print_ISBN
978-1-4673-5961-0
Type
conf
DOI
10.1109/ICST.2013.74
Filename
6569774