Specification-Based Testing of Firewalls

  • Jan Jürjens
  • Guido Wimmel
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2244)


Firewalls protect hosts in a corporate network from attacks. Together with the surrounding network infrastructure, they form a complex system, the security of which relies crucially on the correctness of the firewalls. We propose a method for specification-based testing of firewalls. It makes it possible to formally model the firewalls and the surrounding network and to mechanically derive test cases that check the firewalls for vulnerabilities. We use a general CASE tool, which makes our method flexible and easy to use.


Access Control Policy; Source Address; Destination Address; Constraint Logic Programming; Mail Server
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





Copyright information

© Springer-Verlag Berlin Heidelberg 2001

Authors and Affiliations

  • Jan Jürjens (1)
  • Guido Wimmel (2)
  1. Department of Computer Science, Munich University of Technology, München, Germany
  2. Computing Laboratory, University of Oxford, Oxford, Great Britain
