In this work, we investigate the combination of controller synthesis and test generation techniques for the testing of open, partially observable systems with respect to security policies. We consider two kinds of properties: integrity properties and confidentiality properties. We assume that the behavior of the system is modeled by a labeled transition system and assume the existence of a blac...

This paper proposes an automated, white-box security testing framework to identify true input manipulation vulnerabilities that can reduce warnings generated by static analysis tools or automated black-box testing tools.

System verification is often hindered by the absence of formal models. Peled et al. proposed black-box checking as a solution to this problem. This technique applies active automata learning to infer models of systems with unknown internal structure. This kind of learning relies on conformance testing to determine whether a learned model actually represents the considered system. Since conforma...

ATIFS is a testing toolset which supports the activities of black-box testing for reactive systems, especially communication systems [MAF03]. In ATIFS, two types of testing are carried on: conformance testing and software fault injection. Its tools were conceived to provide a user with facilities for test case derivation, test execution and test result analysis. At the moment, several prototype...

in the privy and pail closet. Sanitary laws are intended to give power to communities which single individuals cannot possess, and in this country these laws?to some extent?are permissive, so that we see in some districts the law is rigidly enforced, while community after community is still found living in the most insanitary conditions. It is over 50 years since that sanitary abomination known...

A methodology that combines veri cation and conformance testing for validating safety requirements of reactive systems is presented The requirements are rst automatically veri ed on the system s speci cation Then test cases are automatically derived from the speci cation and the requirements and executed on a black box implementation of the system The test cases attempt to push the implementati...

Optimization using simulation has increased in popularity in recent years as more and more simulation packages now offer optimization features. At the same time, academic research in this area has grown, but more work is needed to bring results from the academic community to solve practical problems. This paper describes an effort in this direction. We present a framework that can be used to ef...

No matter which tools, techniques, and methodologies are used for software development, it remains an error-prone process. Nevertheless, changing such important constituents of the software process surely has an effect on the types of faults inherent in the developed software. For instance, some types of faults are typical for structured development, whereas others are typical for object-orient...

A methodology that combines verification and conformance testing for validating safety requirements of reactive systems is presented. The requirements are first automatically verified on the system’s specification. Then, test cases are automatically derived from the specification and the requirements, and executed on a black-box implementation of the system. The test cases attempt to push the i...

A typical component-based system architecture comprises a set of components that have been purposefully designed and structured to ensure that they have "pluggable" interfaces and an acceptable match with a defined system context. However, the black-box nature of many software components means there is never a clean match between system specifications and concrete software components. Systemati...