Model-Based Firewall Conformance Testing

  • Achim D. Brucker
  • Lukas Brügger
  • Burkhart Wolff
Conference paper

DOI: 10.1007/978-3-540-68524-1_9

Part of the Lecture Notes in Computer Science book series (LNCS, volume 5047)
Cite this paper as:
Brucker A.D., Brügger L., Wolff B. (2008) Model-Based Firewall Conformance Testing. In: Suzuki K., Higashino T., Ulrich A., Hasegawa T. (eds) Testing of Software and Communicating Systems. Lecture Notes in Computer Science, vol 5047. Springer, Berlin, Heidelberg


Firewalls are a cornerstone of todays security infrastructure for networks. Their configuration, implementing a firewall policy, is inherently complex, hard to understand, and difficult to validate.

We present a substantial case study performed with the model-based testing tool TestGen. Based on a formal model of firewalls and their policies in higher-order logic hol, we first present a derived theory for simplifying policies. We discuss different test plans for test specifications. Finally, we show how to integrate these issues to a domain-specific firewall testing tool holTestGen/fw.


Security Testing Model-based Testing Firewall Conformance Testing 
Download to read the full conference paper text

Copyright information

© IFIP International Federation for Information Processing 2008

Authors and Affiliations

  • Achim D. Brucker
    • 1
  • Lukas Brügger
    • 2
  • Burkhart Wolff
    • 3
  1. 1.SAP ResearchKarlsruheGermany
  2. 2.Information SecurityETH ZurichZurichSwitzerland
  3. 3.Universität des SaarlandesSaarbrückenGermany

Personalised recommendations