Using Model-Based Testing to Assess Smart Card Interoperability Conformance

Smart cards are being used to provide security for many types of applications, and with an estimated market of 3.3 billion in 2005, their usefulness is based on their intrinsic portability and security. The National Institute of Standards and Technology (NIST) initiated the Smart Card Interoperability Program to provide standards (Government Smart Card Interoperability Specification –GSC-IS) and tests to accelerate the use of this technology. The GSC-IS provides specifications for interoperability for Smart Card-Based Applications at two layers – the first one called the Basic Service Interface (BSI) layer and the second one called the Virtual Card-Edge (VCEI) layer. The BSI layer is the interface between a client application and the smart card middleware while the VCEI layer is the interface between the Smart Card Middleware and on-card application. This paper describes the approach and results of a model-based test generation effort that tests a smart card middleware implementation for conformance to the BSI layer of GSC-IS specifications. Our approach consists of using the function signatures in the BSI layer of GSC-IS as requirements to develop a verification model and then generating test vectors and executable test code based on the model to facilitate testing of a smart card middleware implementation. The tests are generated for Java language binding of the BSI specification.