{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2022,4,4]],"date-time":"2022-04-04T12:23:11Z","timestamp":1649074991719},"reference-count":29,"publisher":"IGI Global","issue":"3","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012,7]]},"abstract":"<jats:p>The quality of software systems strongly depends on their architecture. For this reason, taking security requirements into account at the architecture level is crucial for the success of secure software development. Today, systems are permanently evolving due to customer needs, technology evolution or maintenance constraints. Thus, a resilient secure system is expected to evolve towards greater satisfaction of its security requirements (Guelfi 2011). In particular, such an evolution process should identify and eliminate faults and vulnerabilities during development or at runtime. This study focuses on the design phases and aims to propose a resilient software engineering process guaranteeing the development of secure systems that satisfy their critical requirements. During the development process, the system is expected to evolve until it reaches satisfactory compliance with its requirements. The satisfaction computation is based on the quantification of failures and degradations. In this paper, the authors propose a novel architecture-model-based security testing approach for identifying faults and vulnerabilities. The originality of the proposal resides in the use of the architecture model for security testing and in coupling security requirements with a threat model to generate both security functional test cases and malicious test cases. The assessment of the security requirements\u2019 satisfaction and of the overall system resilience is based on analysis of the test traces. Throughout this study, a client-server system is used as a running example for illustrating the approach.<\/jats:p>","DOI":"10.4018\/jsse.2012070102","type":"journal-article","created":{"date-parts":[[2012,11,26]],"date-time":"2012-11-26T14:06:14Z","timestamp":1353938774000},"page":"23-49","source":"Crossref","is-referenced-by-count":3,"title":["SETER"],"prefix":"10.4018","volume":"3","author":[{"given":"Ayda","family":"Saidane","sequence":"first","affiliation":[{"name":"University of Luxembourg, Luxembourg"}]},{"given":"Nicolas","family":"Guelfi","sequence":"additional","affiliation":[{"name":"University of Luxembourg, Luxembourg"}]}],"member":"2432","reference":[{"key":"jsse.2012070102-0","doi-asserted-by":"crossref","unstructured":"Armando, A., Carbone, R., Compagna, L., Li, K., & Pellegrino, G. (2010). Model-checking driven security testing of web-based applications. In Proceedings of the Third International Conference on Software Testing, Verification, and Validation Workshops (pp. 361-370).","DOI":"10.1109\/ICSTW.2010.54"},{"key":"jsse.2012070102-1","unstructured":"Bertolino, A., Inverardi, P., & Muccini, H. (2001). An explorative journey from architectural tests definition down to code tests execution. In Proceedings of the 23rd International Conference on Software Engineering (pp. 211-220)."},{"key":"jsse.2012070102-2","doi-asserted-by":"crossref","unstructured":"Bourhfir, C., Dssouli, R., Aboulhamid, E., & Rico, N. (1998). A guided incremental test case generation procedure for conformance testing CEFSM specified protocols. In Proceedings of the IFIP International Workshop on Testing Communicating Systems (pp. 275-290).","DOI":"10.1007\/978-0-387-35381-4_17"},{"key":"jsse.2012070102-3","doi-asserted-by":"crossref","unstructured":"Brun, M., Delatour, J., & Trinquet, Y. (2008). Code generation from AADL to a real-time operating system: An experimentation feedback on the use of model transformation. 
In Proceedings of the 13th IEEE International Conference on Engineering of Complex Computer Systems (pp. 257-262).","DOI":"10.1109\/ICECCS.2008.19"},{"key":"jsse.2012070102-4","doi-asserted-by":"crossref","first-page":"77","DOI":"10.1016\/j.entcs.2006.11.004","article-title":"Architecting fault-tolerant component-based systems: From requirements to testing.","volume":"168","author":"A.Bucchiarone","year":"2007","journal-title":"Electronic Notes in Theoretical Computer Science"},{"key":"jsse.2012070102-5","doi-asserted-by":"crossref","unstructured":"Castanet, R., & Rouillard, D. (2002). Generate certified test cases by combining theorem proving and reachability analysis. In Proceedings of the IFIP 14th International Conference on Testing Communicating Systems (pp. 249-266).","DOI":"10.1007\/978-0-387-35497-2_19"},{"key":"jsse.2012070102-6","doi-asserted-by":"crossref","unstructured":"Franca, R. B., Bodeveix, J., Filali, M., Rolland, J., Chemouil, D., & Thomas, D. (2007). The AADL behaviour annex -- experiments and roadmap. In Proceedings of the 12th IEEE International Conference on Engineering Complex Computer Systems (pp. 377-382).","DOI":"10.1109\/ICECCS.2007.41"},{"key":"jsse.2012070102-7","unstructured":"G\u00f3rski, J., Rydzak, F., Breistrand, L., Sveen, F., Qian, Y., & Gonzalez, J. (2006). Exploring resilience towards risks in eOperations in the oil and gas industry. In J. G\u00f3rski (Eds.), Proceedings of the 25th International Conference on Computer Safety, Reliability and Security (LNCS 4166, pp. 57-70)."},{"issue":"3","key":"jsse.2012070102-8","first-page":"294","article-title":"A formal framework for dependability and resilience from a software engineering perspective.","volume":"1","author":"N.Guelfi","year":"2011","journal-title":"Central European Journal of Computer Science"},{"key":"jsse.2012070102-9","doi-asserted-by":"crossref","unstructured":"Hawes, C., & Reed, C. (2006). Theoretical steps towards modelling resilience in complex systems. In M. 
Gavrilova, O. Gervasi, V. Kumar, C. J. K. Tan, D. Taniar, A. Lagan\u00e1, Y. Mun, & H. Choo (Eds.), Proceedings of the 6th International Conference on Computational Science and its Applications - Volume Part I (LNCS 3980, pp. 644-653).","DOI":"10.1007\/11751540_68"},{"key":"jsse.2012070102-10","unstructured":"Jin, Z. (2000). A software architecture-based testing technique (Unpublished doctoral dissertation). George Mason University, Arlington, VA."},{"key":"jsse.2012070102-11","unstructured":"Jin, Z., & Offutt, J. (2001). Deriving tests from software architectures. In Proceedings of the 12th International Symposium on Software Reliability Engineering (p. 308)."},{"key":"jsse.2012070102-12","author":"J.Jurjens","year":"2005","journal-title":"Secure systems development with UML"},{"issue":"1","key":"jsse.2012070102-13","doi-asserted-by":"crossref","first-page":"93","DOI":"10.1016\/j.entcs.2008.11.008","article-title":"Model-based security testing using UMLsec.","volume":"220","author":"J.Jurjens","year":"2008","journal-title":"Electronic Notes in Theoretical Computer Science"},{"issue":"4","key":"jsse.2012070102-14","first-page":"32","article-title":"Functional test generation using design and property decomposition techniques.","volume":"8","author":"H.Koo","year":"2009","journal-title":"ACM Transactions on Embedded Computing Systems"},{"key":"jsse.2012070102-15","unstructured":"Marquis, S., Dean, T., & Knight, S. (2005). SCL: A language for security testing of network applications. In Proceedings of the Conference of the Centre for Advanced Studies on Collaborative Research (pp. 155-164)."},{"key":"jsse.2012070102-16","doi-asserted-by":"crossref","unstructured":"Mouelhi, T., Fleurey, F., Baudry, B., & Traon, Y. (2008). A model-based framework for security policy specification, deployment and testing. In Proceedings of the 11th international conference on Model Driven Engineering Languages and Systems (pp. 
537-552).","DOI":"10.1007\/978-3-540-87875-9_38"},{"issue":"8","key":"jsse.2012070102-17","first-page":"1166","article-title":"Security Attack Testing (SAT)-testing the security of information systems at design time.","volume":"32","author":"H.Mouratidis","year":"2007","journal-title":"Information Systems Journal"},{"key":"jsse.2012070102-18","unstructured":"Muccini, H. (2002). Software architecture for testing, coordination and views model checking (Unpublished doctoral dissertation). University La Sapienza, Rome, Italy."},{"key":"jsse.2012070102-19","unstructured":"Powell, D., & Stroud, R. (2003). Conceptual model and architecture of MAFTIA (Malicious- and Accidental-Fault Tolerance for Internet Applications) (Public Deliverable D21). Retrieved from http:\/\/spiderman-2.laas.fr\/TSF\/cabernet\/maftia\/deliverables\/D21.pdf"},{"key":"jsse.2012070102-20","doi-asserted-by":"crossref","unstructured":"Pretschner, A., Mouelhi, T., & Traon, Y. (2008). Model-based tests for access control policies. In Proceedings of the International Conference on Software Testing, Verification, and Validation (pp. 338-347).","DOI":"10.1109\/ICST.2008.44"},{"key":"jsse.2012070102-21","doi-asserted-by":"crossref","unstructured":"Richardson, D., & Wolf, A. (1996). Software testing at the architectural level. In Joint Proceedings of the Second International Software Architecture Workshop and International Workshop on Multiple Perspectives in Software Development on SIGSOFT Workshops (pp. 68-71).","DOI":"10.1145\/243327.243605"},{"key":"jsse.2012070102-22","unstructured":"Ries, B. (2009). SESAME - A model-driven process for the test selection of small-size safety-related embedded software (Unpublished doctoral dissertation). University of Luxembourg, Walferdange, Luxembourg."},{"key":"jsse.2012070102-23","doi-asserted-by":"crossref","unstructured":"Schulz, S., Honkola, J., & Huima, A. (2007). Towards model-based testing with architecture models. 
In Proceedings of the 14th Annual IEEE International Conference and Workshops on the Engineering of Computer-Based Systems (pp. 495-502).","DOI":"10.1109\/ECBS.2007.73"},{"key":"jsse.2012070102-24","doi-asserted-by":"crossref","unstructured":"Subramaniam, M., Xiao, L., Guo, B., & Pap, Z. (2009). An approach for test selection for EFSMs using a theorem prover. In M. N\u00fa\u00f1ez, P. Baker, & M. G. Merayo (Eds.), Proceedings of the 21st IFIP WG 6.1 International Conference on Testing of Software and Communication Systems and the 9th International FATES Workshop (LNCS 5826, pp. 146-162).","DOI":"10.1007\/978-3-642-05031-2_10"},{"key":"jsse.2012070102-25","unstructured":"ter Beek, M. H., Faconti, G. P., Massink, M., Palanque, P. A., & Winckler, M. (2009). Resilience of interaction techniques to interrupts: A formal model-based approach. In T. Gross, J. Gulliksen, P. Kotze, L. Oestreicher, P. Palanque, R. O. Prates, & M. Winckler (Eds.), Proceedings of the 12th IFIP TC 13 International Conference on Human-Computer Interaction: Part I (LNCS 5726, pp. 494-509)."},{"key":"jsse.2012070102-26","doi-asserted-by":"crossref","unstructured":"Wang, F., Wang, S., & Ji, Y. (2009). An automatic generation method of executable test case using model-driven architecture. In Proceedings of the Fourth International Conference on Innovative Computing, Information and Control (pp. 389-393).","DOI":"10.1109\/ICICIC.2009.79"},{"key":"jsse.2012070102-27","unstructured":"Xiong, P., Stepien, B., & Peyton, L. (2009). Model-based penetration test framework for web applications using TTCN-3. In Proceedings of the 4th International Conference on E-Technologies: Innovation in an Open World (Vol. 26, pp. 141-154)."},{"key":"jsse.2012070102-28","doi-asserted-by":"crossref","unstructured":"Zulkernine, M., Raihan, F., & Uddin, M. (2009). Towards model-based automatic testing of attack scenarios. In B. Buth, G. Rabe, & T. 
Seyfarth (Eds.), Proceedings of the 28th International Conference on Computer Safety, Reliability, and Security (LNCS 5775, pp. 229-242).","DOI":"10.1007\/978-3-642-04468-7_19"}],"container-title":["International Journal of Secure Software Engineering"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.igi-global.com\/viewtitle.aspx?TitleId=69392","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2018,11,13]],"date-time":"2018-11-13T14:18:01Z","timestamp":1542118681000},"score":1,"resource":{"primary":{"URL":"http:\/\/services.igi-global.com\/resolvedoi\/resolve.aspx?doi=10.4018\/jsse.2012070102"}},"subtitle":["Towards Architecture-Model Based Security Engineering"],"short-title":[],"issued":{"date-parts":[[2012,7]]},"references-count":29,"journal-issue":{"issue":"3"},"URL":"https:\/\/doi.org\/10.4018\/jsse.2012070102","relation":{},"ISSN":["1947-3036","1947-3044"],"issn-type":[{"value":"1947-3036","type":"print"},{"value":"1947-3044","type":"electronic"}],"subject":[],"published":{"date-parts":[[2012,7]]}}}
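The abstract above describes the core loop: pair security requirements with a threat model, derive both functional and malicious test cases from the architecture model, run them, and score requirement satisfaction and overall resilience from the resulting traces, iterating until the system is satisfactory. The following Python block is an added illustration of that loop on a toy client-server model; it is not the SETER process or any code from the paper. The requirements R1/R2, the operations, the threat capabilities, the Server simulation (including its deliberately toggled authorisation flaw) and the satisfaction formula 1 - (failures + degradations) / tests are all constructed assumptions made for this example.

```python
"""Added example: architecture-model based security test generation and
trace analysis on a constructed client-server model. Not the paper's method;
requirements, threats, the simulated server and the scoring are assumptions."""
from dataclasses import dataclass
import secrets

# Architecture model (constructed): one Client->Server connector exposing two
# operations, each tied to a security requirement on that connector.
REQUIREMENTS = {
    "R1": "read_record is served only to an authenticated session",
    "R2": "delete_record is served only to an authenticated admin session",
}
OPERATIONS = {"read_record": "R1", "delete_record": "R2"}

# Threat model (constructed): attacker capabilities on the connector.
THREATS = {
    "forged_token": lambda: secrets.token_hex(8),  # guessed/forged session id
    "missing_token": lambda: "",                   # unauthenticated call
}


@dataclass
class TestCase:
    name: str
    requirement: str
    operation: str
    principal: str      # "alice" (user), "root" (admin) or "attacker"
    token_source: str   # "login" or a THREATS key
    expect_allow: bool
    malicious: bool


def generate_tests():
    """Couple every requirement with legitimate use (functional test) and with
    every threat capability (malicious test); the privilege boundary of
    delete_record also yields a malicious test from a normal user session."""
    tests = []
    for op, req in OPERATIONS.items():
        legit = "root" if op == "delete_record" else "alice"
        tests.append(TestCase(f"{op}/functional", req, op, legit, "login", True, False))
        if op == "delete_record":
            tests.append(TestCase(f"{op}/user-privilege", req, op, "alice", "login", False, True))
        for threat in THREATS:
            tests.append(TestCase(f"{op}/{threat}", req, op, "attacker", threat, False, True))
    return tests


class Server:
    """Simulated system under test. check_delete_auth=False models a
    constructed design flaw: delete_record skips its authorisation check."""
    ROLES = {"alice": "user", "root": "admin"}

    def __init__(self, check_delete_auth=True):
        self.sessions = {}
        self.check_delete_auth = check_delete_auth

    def login(self, principal):
        token = secrets.token_hex(16)
        self.sessions[token] = self.ROLES[principal]
        return token

    def call(self, operation, token):
        role = self.sessions.get(token)
        if operation == "read_record":
            return role is not None
        if operation == "delete_record":
            if not self.check_delete_auth:
                return True  # flaw: served regardless of session or role
            return role == "admin"
        raise ValueError(operation)


def run(tests, server):
    """Execute the generated tests; each trace records the case and the outcome."""
    traces = []
    for tc in tests:
        token = server.login(tc.principal) if tc.token_source == "login" else THREATS[tc.token_source]()
        traces.append((tc, server.call(tc.operation, token)))
    return traces


def analyse(traces):
    """Per requirement: failures = attacker or unprivileged caller served,
    degradations = legitimate caller refused; satisfaction = 1 - (f + d) / n."""
    stats = {r: {"tests": 0, "failures": 0, "degradations": 0} for r in REQUIREMENTS}
    for tc, allowed in traces:
        s = stats[tc.requirement]
        s["tests"] += 1
        if allowed and not tc.expect_allow:
            s["failures"] += 1
        elif not allowed and tc.expect_allow:
            s["degradations"] += 1
    return {r: {**s, "satisfaction": 1 - (s["failures"] + s["degradations"]) / s["tests"]}
            for r, s in stats.items()}


def resilience(report):
    """Overall resilience taken (by assumption) as the weakest requirement."""
    return min(v["satisfaction"] for v in report.values())


def evolve(versions, threshold=1.0):
    """Development loop: assess candidate versions in order, stopping at the
    first whose resilience reaches the threshold. Returns (label, score) history."""
    history = []
    for label, server in versions:
        score = resilience(analyse(run(generate_tests(), server)))
        history.append((label, score))
        if score >= threshold:
            break
    return history


if __name__ == "__main__":
    for label, score in evolve([("v1-flawed", Server(check_delete_auth=False)), ("v2-fixed", Server())]):
        print(f"{label}: resilience={score:.2f}")
```

On the flawed version R2 is scored 0.25 (three of its four tests, the user-privilege case and both threat cases, are served when they should be refused), so the loop continues to the fixed version, which scores 1.0 on both requirements and stops the evolution.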