Model‐based security testing: a taxonomy and systematic classification. (24th July 2015)
- Record Type:
- Journal Article
- Title:
- Model‐based security testing: a taxonomy and systematic classification. (24th July 2015)
- Main Title:
- Model‐based security testing: a taxonomy and systematic classification
- Authors:
- Felderer, Michael
- Zech, Philipp
- Breu, Ruth
- Büchler, Matthias
- Pretschner, Alexander
- Abstract:
- Summary: Model‐based security testing relies on models to test whether a software system meets its security requirements. It is an active research field of high relevance for industrial applications, with many approaches and notable results published in recent years. This article provides a taxonomy for model‐based security testing approaches. It comprises filter criteria (i.e. model of system security, security model of the environment and explicit test selection criteria) as well as evidence criteria (i.e. maturity of evaluated system, evidence measures and evidence level). The taxonomy is based on a comprehensive analysis of existing classification schemes for model‐based testing and security testing. To demonstrate its adequacy, 119 publications on model‐based security testing are systematically extracted from the five most relevant digital libraries by three researchers and classified according to the defined filter and evidence criteria. On the basis of the classified publications, the article provides an overview of the state of the art in model‐based security testing and discusses promising research directions with regard to security properties, coverage criteria and the feasibility and return on investment of model‐based security testing. Copyright © 2015 John Wiley & Sons, Ltd.
- Abstract: This article provides a taxonomy for model‐based security testing approaches that comprises filter and evidence criteria. The taxonomy is based on a comprehensive analysis of existing classification schemes for model‐based and security testing. To demonstrate its adequacy, 119 publications on model‐based security testing are systematically extracted from relevant digital libraries and classified according to the defined filter and evidence criteria. On the basis of the classified publications, the article provides an overview of the state of the art in model‐based security testing and discusses promising research directions.
- Is Part Of:
- Software testing, verification & reliability. Volume 26:Number 2(2016)
- Journal:
- Software testing, verification & reliability
- Issue:
- Volume 26:Number 2(2016)
- Issue Display:
- Volume 26, Issue 2 (2016)
- Year:
- 2016
- Volume:
- 26
- Issue:
- 2
- Issue Sort Value:
- 2016-0026-0002-0000
- Page Start:
- 119
- Page End:
- 148
- Publication Date:
- 2015-07-24
- Subjects:
- model‐based security testing -- security testing -- model‐based testing -- classification -- taxonomy
- Computer software -- Testing -- Periodicals
- Computer software -- Verification -- Periodicals
- Computer software -- Reliability -- Periodicals
- 005.14
- Journal URLs:
- http://onlinelibrary.wiley.com/
- DOI:
- 10.1002/stvr.1580
- Languages:
- English
- ISSNs:
- 0960-0833
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 8321.457500
- British Library DSC - BLDSS-3PM
- British Library STI - ELD Digital store
- Ingest File:
- 8095.xml