Deliverable D3.4 Test generators for SOA security testing, released

Posted on Posted in MIDAS News

This document accompanies the prototype for generation of security test cases. Within this document, we give details on how we implemented the generation of security test cases in MIDAS framework and platform. To this aim, we describe how a MIDAS DSL compliant UML sequence diagram is used to generate security test cases employing data fuzzing techniques and behavioural fuzzing techniques as well as the combination of both techniques. Using the TTCN-3 generation of MIDAS (see Deliverable D3.6), these sequence diagrams can be converted into TTCN-3 test cases that employ the data fuzzing library Fuzzino as fuzz test data generator as described in the unified Deliverable D4.3, D4.4, D4.5. We describe how specific annotations provided by dedicated UML profiles and UML standard techniques are used to augment the models with the information that enables sophisticated application of fuzzing techniques that apply for the manual as well as for the automated test design use case.