Abstract
This paper presents a case study on the use of formal methods in specification-based, black-box testing of a smart card applet. The system under test is a simple electronic purse application running on a Java Card platform. The specification of the applet is given as a Statechart model, and transformed into a functional form to serve as the input for the on-the-fly test generation, -execution, and -analysis tool GAST. We show that automated, formal, specification-based testing of smart card applets is of high value, and that errors can be detected using this model-based testing.
Chapter PDF
Similar content being viewed by others
References
UML resource page. http://www.uml.org.
P. Koopman and R. Plasmeijer. Testing reactive systems with GAST. In S. Gilmore, editor, Trends in Functional Programming 4, 111–129 (2004)
R. Plasmeijer and M. van Eekelen. The Concurrent Clean Language Report, version 2.0. http://www.cs.kun.nl/~clean.
D. Lee and M. Yannakakis. Principles and methods of testing finite state machines-a survey. Proc. IEEE, 84(8): 1090–1126 (1996)
J. Tretmans. Test generation with inputs, outputs and repetitive quiescence. Software-Concepts and Tools, 17(3):103–120 (1996)
L. du Bousquet and H. Martin. Automatic test generation for Java-Card applets. In 4th Workshop on Tools for System Design and Verification, (2000)
C. Jard and T. Jéron. TGV: theory, principles and algorithms. In IDPT’ 02, Pasadena, California, USA, Society for Design and Process Science (2002)
D. Clarke, T. Jéron, V. Rusu, and E. Zinovieva. Automated test and oracle generation for smart-card applications. In Proceedings of the International Conference on Research in Smart Cards, volume 2140 of LNCS, 58–70, Cannes, France (2001)
E. Hubbers, M. Oostdijk, and E. Poll. From finite state machines to provably correct java card applets. In D. Gritzalis, S. De Capitani di Vimercati, P. Samarati, and S.K. Katsikas, editors, Proceedings of the 18th IFIP Information Security Conference, Kluwer Academic Publishers, 465–470 (2003)
L. Burdy, Y. Cheon, D. Cok, M. Ernst, J.R. Kiniry, G.T. Leavens, K.R.M. Leino, and E. Poll. An overview of JML tools and applications. In Th. Arts and W. Fokkink, editors, FMICS’ 03, volume 80 of ENTCS, pages 73–89 (2003)
D. Cok and J. Kiniry. ESC/Java2: Uniting ESC/Java and JML: progress and issues in building and using ESC/Java2. Submitted for publication (2004)
B. Jacobs, M. Oostdijk, and M. Warnier. Source code verification of a secure payment applet. JLAP, 58:107–120 (2004)
J. Tretmans and E. Brinksma. TorX: Automated model based testing. In A. Hartman and K. Dussa-Zieger, editors, First European Conference on Model-Driven Software Engineering. Imbuss, Möhrendorf, Germany (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 International Federation for Information Processing
About this paper
Cite this paper
van Weelden, A., Oostdijk, M., Frantzen, L., Koopman, P., Tretmans, J. (2005). On-the-Fly Formal Testing of a Smart Card Applet. In: Sasaki, R., Qing, S., Okamoto, E., Yoshiura, H. (eds) Security and Privacy in the Age of Ubiquitous Computing. SEC 2005. IFIP Advances in Information and Communication Technology, vol 181. Springer, Boston, MA. https://doi.org/10.1007/0-387-25660-1_37
Download citation
DOI: https://doi.org/10.1007/0-387-25660-1_37
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-25658-0
Online ISBN: 978-0-387-25660-3
eBook Packages: Computer ScienceComputer Science (R0)