Retaining Consistency for Knowledge-Based Security Testing
Testing of software and systems requires a set of inputs to the system under test as well as test oracles for checking the correctness of the obtained output. In this paper we focus on test oracles within the domain of security testing, which require consistent knowledge of security policies. Unfortunately, consistency of knowledge cannot always be ensured. Therefore, we strongly require a process of retaining consistencies in order to provide a test oracle. In this paper we focus on an automated approach for consistency handling that is based on the basic concepts and ideas of model-based diagnosis. Using a brief example, we discuss the underlying method and its application in the domain of security testing. The proposed algorithm guarantees to find one root cause of an inconsistency and is based on theorem proving.
Keywordsmodel-based diagnosis root cause analysis testing oracle
Unable to display preview. Download preview PDF.
- 1.Bond, G.W.: Logic Programs for Consistency-Based Diagnosis. PhD thesis, Carleton University, Faculty of Engineering, Ottawa, Canada (1994)Google Scholar
- 3.Console, L., Friedrich, G., Dupré, D.T.: Model-based diagnosis meets error diagnosis in logic programs. In: International Joint Conference on Artificial Intelligence (IJCAI), Chambery, pp. 1494–1499 (August 1993)Google Scholar
- 7.Hoglund, G., McGraw, G.: Exploiting Software: How to Break Code. Addison-Wesley (2004) ISBN: 0-201-78695-8Google Scholar
- 8.McCune, W.: Prover9 and mace4, http://www.cs.unm.edu/~mccune/prover9/ (2005–2010)
- 10.Shapiro, E.: Algorithmic Program Debugging. MIT Press, Cambridge (1983)Google Scholar