Formally Testing Fail-Safety of Electronic Purse Protocols

San Diego, California November 26-November 29

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/ASE.2001.989840

16th IEEE International Conference on ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Jan Jürjens Articles by Guido Wimmel

	ASCII Text	x
	Jan Jürjens, Guido Wimmel, "Formally Testing Fail-Safety of Electronic Purse Protocols," Automated Software Engineering, International Conference on, pp. 408, 16th IEEE International Conference on Automated Software Engineering (ASE'01), 2001.

	BibTex	x
	@article{ 10.1109/ASE.2001.989840, author = {Jan Jürjens and Guido Wimmel}, title = {Formally Testing Fail-Safety of Electronic Purse Protocols}, journal ={Automated Software Engineering, International Conference on}, volume = {0}, year = {2001}, isbn = {0-7695-1426-X}, pages = {408}, doi = {http://doi.ieeecomputersociety.org/10.1109/ASE.2001.989840}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Automated Software Engineering, International Conference on TI - Formally Testing Fail-Safety of Electronic Purse Protocols SN - 0-7695-1426-X SP EP A1 - Jan Jürjens, A1 - Guido Wimmel, PY - 2001 VL - 0 JA - Automated Software Engineering, International Conference on ER -

Jan Jürjens, University of Oxford

Guido Wimmel, Technische Universit?t M?nchen

Designing and implementing security-critical systems correctly is difficult. In practice, most vulnerabilities arise from bugs in implementations. We present work towards systematic specification-based testing of security-critical systems using the CASE tool AutoFocus.

Cryptographic systems are formally specified with state transition diagrams, a notation for state machines in the AutoFocus system. We show how to systematically generate test sequences for security properties based on the model that can be used to test the implementation for vulnerabilities. In particular, we focus on the principle of fail-safety. We explain our method at the example of a part of the Common Electronic Purse Specifications (CEPS).

Most commonly, attacks address vulnerabilities in the way security mechanisms are used, rather than the mechanisms themselves. Being able to treat security aspects with a general CASE tool within the context of system development enables detection of such vulnerabilities.

Citation:

Jan Jürjens, Guido Wimmel, "Formally Testing Fail-Safety of Electronic Purse Protocols," ase, pp.408, 16th IEEE International Conference on Automated Software Engineering (ASE'01), 2001

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.