NIST logo

Publication Citation: Model-Based Approach to Security Test Automation

NIST Authors in Bold

Author(s): Mark Blackburn; Robert Busser; Aaron Nauman; Ramaswamy Chandramouli;
Title: Model-Based Approach to Security Test Automation
Published: November 01, 2002
Abstract: Security functional testing is a costly activity typically performed by security evaluation laboratories. These laboratories have struggled to keep pace with increasing demand to test numerous product variations. This paper summarizes the results of applying a model-based approach to automate security functional testing. The approach involves developing models of security function specifications (SFS) as the basis for automatic test vector and test driver generation. In the application, security properties were modeled and the resulting tests were executed against Oracle and Interbase database engines through a fully automated process. The findings indicate the approach, proven successful in a variety of other application domains, provides a cost-effective solution to security functional testing.
Citation: International Software Quality Week
Keywords: security function specifications;security functional testing;test driver;test vectors
Research Areas:
PDF version: PDF Document Click here to retrieve PDF version of paper (282KB)