登录 注册 会员服务 联系我们

COMPONENT SECURITY TESTING APPROACH BASED ON EXTENDED CHEMICAL ABSTRACT MACHINE

  • Published:2012-02 Issue:01 Volume:22 Page:59-83
  • ISSN:0218-1940
  • Container-title:International Journal of Software Engineering and Knowledge Engineering
  • language:en
  • Short-container-title:Int. J. Soft. Eng. Knowl. Eng.

Author:

CHEN JINFU1,LU YANSHENG2,WANG HUANHUAN1

Affiliation:

1. School of Computer Science and Telecommunication Engineering, Jiangsu University, Jiangsu, 212013, China

2. School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, Hubei, 430074, China

Abstract

Unreliable component security hinders the development of component technology. Component security testing is rarely researched with comprehensive focus; several approaches or technologies for detecting vulnerabilities in component security have been proposed, but most are infeasible. A testing approach for component security, which is based on the chemical abstract machine, is proposed for detecting explicit and implicit component security vulnerabilities. We develop an extended chemical abstract machine model, called eCHAM, and generate a state transfer tree and testing sequence for components based on the proposed model. The model can help test the explicit security exceptions of components according to the testing approach of interface fault injection. Condition and state mutation algorithms for identifying implicit security exceptions are also proposed. Vulnerability testing reports are obtained according to the test results. Experiments were conducted in an integration testing platform to verify the applicability of the proposed approach. Results show that the approach is effective and practicable. The proposed approach can detect explicit and implicit security exceptions of components.

Publisher

World Scientific Pub Co Pte Lt

Subject

Artificial Intelligence,Computer Graphics and Computer-Aided Design,Computer Networks and Communications,Software

Cited by 7 articles. 订阅此论文施引文献 订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献

1. An Improved Test Case Generation Method based on Test Requirements for Testing Software Component;2022 IEEE 22nd International Conference on Software Quality, Reliability, and Security Companion (QRS-C);2022-12

2. A Vulnerability Model Construction Method Based on Chemical Abstract Machine;Wuhan University Journal of Natural Sciences;2018-03-19

3. Detecting Implicit Security Exceptions Using an Improved Variable-Length Sequential Pattern Mining Method;International Journal of Software Engineering and Knowledge Engineering;2017-10

4. Automatic Generation of Basis Component Path Coverage for Software Architecture Testing;Computing and Informatics;2017

5. An effective long string searching algorithm towards component security testing;China Communications;2016-11
同舟云学术

1.学者识别学者识别

2.学术分析学术分析

3.人才评估人才评估

"同舟云学术"是以全球学者为主线,采集、加工和组织学术论文而形成的新型学术文献查询和分析系统,可以对全球学者进行文献检索和人才价值评估。用户可以通过关注某些学科领域的顶尖人物而持续追踪该领域的学科进展和研究前沿。经过近期的数据扩容,当前同舟云学术共收录了国内外主流学术期刊6万余种,收集的期刊论文及会议论文总量共计约1.5亿篇,并以每天添加12000余篇中外论文的速度递增。我们也可以为用户提供个性化、定制化的学者数据。欢迎来电咨询!咨询电话:010-8811{复制后删除}0370

www.globalauthorid.com

TOP

Copyright © 2019-2024 北京同舟云网络信息技术有限公司
京公网安备11010802033243号  京ICP备18003416号-3