Globally, traditional power systems are rapidly transforming towards the adoption of smart grid platforms. Substations which are at the center of the electric power transformation from the power plant are changing to ...Globally, traditional power systems are rapidly transforming towards the adoption of smart grid platforms. Substations which are at the center of the electric power transformation from the power plant are changing to IEC 61850 based digital substations. Therefore, within substation, there is a growing demand for the IEC 61850 based Intelligent Electronic Devices (IEDs). The operation of multiple manufacturers of IEDs in a single digital substation network increases the need for IEC 61850 communications specification conformance diagnosis to ensure interoperability for efficient data exchange between IEDs. The IEC 61850-10 presents test items for diagnosing communication specification conformance. There are many test tools available in the market today to test the compliance of the IEC 61850 communications specifications to the IED. In this paper, we propose a model-based diagnostic method for IED communication conformance testing. The proposed model-based software therefore uses the “drag and drop” technique to select the various IEC 61850 communication services (objects) required to design the test case in a user friendly Graphical User Interface (GUI). This makes the service conformance testing more flexible for test engineers and system integrators especially in situations that require test case modifications. Also, the proposed software tool makes it easy to understand the various IEC 61850 services using the friendly GUI.展开更多
In this paper, we conduct research on the computer network protocol test model based on genetic and random walk algorithm.Network protocol is the abstract concept, is important in the process of the development of net...In this paper, we conduct research on the computer network protocol test model based on genetic and random walk algorithm.Network protocol is the abstract concept, is important in the process of the development of network system. Fully understand and grasp of thenetwork protocols for managers is there is a big diffi cult. Network covert channel is the evaluation of intrusion detection system and fi rewallsecurity performance of an important means, the paper will start from the angle of the attacker, the fl aws of the research, and use this kind ofdefect to realize network covert channel, the random walk algorithm will be feasible for dealing with this issue. For achieving this, we integratethe genetic and random walk algorithm for systematic optimization.展开更多
Addressing the issues of high redundancy,poor targeting,and low efficiency in the fuzzy testing process of application-layer network protocols,NetFuzz,a novel multi-objective fuzzy testing tool based on a classificati...Addressing the issues of high redundancy,poor targeting,and low efficiency in the fuzzy testing process of application-layer network protocols,NetFuzz,a novel multi-objective fuzzy testing tool based on a classification tree was introduced in this paper. NetFuzz utilizes a four-tiered classification tree protocol description method for application-layer network protocols,encompassing the protocol under test,its functions,specific commands,parameters,and variant markers. A multi-objective optimization model is designed to enhance the coverage,validity,and diversity of test cases,with a genetic algorithm employed to generate these cases. The tool is evaluated by testing file transfer protocol( FTP) and hypertext transfer protocol( HTTP) servers with known vulnerabilities,comparing its performance against the Peach fuzzing tool. NetFuzz can effectively detect security vulnerabilities that Peach Fuzzer tool failed to identify. While ensuring the detection of vulnerabilities,the testing time is reduced by approximately 58%,and the number of valid test cases increases by 47. 67%.展开更多
Network protocols are divided into stateless and stateful. Stateful network protocols have complex communication interactions and state transitions. However, the existing network protocol fuzzing does not support stat...Network protocols are divided into stateless and stateful. Stateful network protocols have complex communication interactions and state transitions. However, the existing network protocol fuzzing does not support state transitions very well. This paper focuses on this issue and proposes the Semi-valid Fuzzing for the Stateful Network Protocol (SFSNP). The SFSNP analyzes protocol interactions and builds an extended finite state machine with a path marker for the network protocol; then it obtains test sequences of the extended finite state machine, and further performs the mutation operation using the semi-valid algorithm for each state transition in the test sequences; finally, it obtains fuzzing sequences. Moreover, because different test sequences may have the same state transitions, the SFSNP uses the state transition marking algorithm to reduce redundant test cases. By using the stateful rule tree of the protocol, the SFSNP extracts the constraints in the protocol specifications to construct semi-valid fuzz testing cases within the sub-protocol domain, and finally forms fuzzing sequences. Experimental results indicate that the SFSNP is reasonably effective at reducing the quantity of generated test cases and improving the quality of fuzz testing cases. The SFSNP can reduce redundancy and shorten testing time.展开更多
To improve the efficiency and coverage of stateful network protocol fuzzing, this paper proposes a new method, using a rule-based state machine and a stateful rule tree to guide the generation of fuzz testing data. Th...To improve the efficiency and coverage of stateful network protocol fuzzing, this paper proposes a new method, using a rule-based state machine and a stateful rule tree to guide the generation of fuzz testing data. The method first builds a rule-based state machine model as a formal description of the states of a network protocol. This removes safety paths, to cut down the scale of the state space. Then it uses a stateful rule tree to describe the relationship between states and messages, and then remove useless items from it. According to the message sequence obtained by the analysis of paths using the stateful rule tree and the protocol specification, an abstract data model of test case generation is defined. The fuzz testing data is produced by various generation algorithms through filling data in the fields of the data model. Using the rule-based state machine and the stateful rule tree, the quantity of test data can be reduced. Experimental results indicate that our method can discover the same vulnerabilities as traditional approaches, using less test data, while optimizing test data generation and improving test efficiency.展开更多
This paper describes the ISUP (ISDN User Part of CCSS7) conformance testing theory and method according to CCITT and China national standards, and presents a successful ISUP protocol conformance testing system in detail.
The session initiation protocol (SIP) is a signaling protocol for Internet telephony, multimedia conferencing, presence, event notification, and instant messaging. With the gaining popularity, more and more SIP implem...The session initiation protocol (SIP) is a signaling protocol for Internet telephony, multimedia conferencing, presence, event notification, and instant messaging. With the gaining popularity, more and more SIP implementations have been developed and deployed. How to guarantee the conformance of those SIP implementations is the key point of interconnection and interoperation among them. This paper proposes the test method and architecture for the SIP protocol based on the IPv6 tester system. Tree and tabular combined notation (TTCN-2) is adopted to describe the test suite. With an enhanced reference implementation, the data-processing ability to the original test system has been greatly improved. In the following test practices, some errors have been found in the SIP entities under test. It is proved that the proposed test method and architecture are effective to verify the conformance of the SIP entities, and the result of the conformance test may provide helpful reference to the development of SIP products.展开更多
Formal methods for test sequence generation from FSM have been studied widely andthoroughly,but most real communication systems can only be modeled as EFSM exactly.Data portion in EFSM brings difficulties for test sui...Formal methods for test sequence generation from FSM have been studied widely andthoroughly,but most real communication systems can only be modeled as EFSM exactly.Data portion in EFSM brings difficulties for test suite generation.In this paper,the strategyof generating test suite from protocols modelled as EFSM is presented.This strategy consid-ers testing of both the control portion and data portion of protocols.A software,the testsuite generation system(TSGS)based on above strategy,is introduced.展开更多
This paper rejuvenates the notion of conformance testing in order to assess the security of networks. It leverages the Testing and Test Control Notation Version 3 (TTCN-3) by applying it to a redefined notion of <i...This paper rejuvenates the notion of conformance testing in order to assess the security of networks. It leverages the Testing and Test Control Notation Version 3 (TTCN-3) by applying it to a redefined notion of <i>System under Test</i> (<i>SUT</i>). Instead of testing, as it is classically done, a software/firmware/ hardware element, an intangible object, namely the network, is tested in order to infer some of its security properties. After a brief introduction of TTCN-3 and Titan, its compilation and execution environment, a couple of use cases are provided to illustrate the feasibility of the approach. The pros and cons of using TTCN-3 to implement a scalable and flexible network testing environment are discussed.展开更多
A new model of event and message driven Petri network(EMDPN) based on the characteristic of class interaction for messages passing between two objects was extended. Using EMDPN interaction graph, a class hierarchical ...A new model of event and message driven Petri network(EMDPN) based on the characteristic of class interaction for messages passing between two objects was extended. Using EMDPN interaction graph, a class hierarchical test-case generation algorithm with cooperated paths (copaths) was proposed, which can be used to solve the problems resulting from the class inheritance mechanism encountered in object-oriented software testing such as oracle, message transfer errors, and unreachable statement. Finally, the testing sufficiency was analyzed with the ordered sequence testing criterion(OSC). The results indicate that the test cases stemmed from newly proposed automatic algorithm of copaths generation satisfies synchronization message sequences testing criteria, therefore the proposed new algorithm of copaths generation has a good coverage rate.展开更多
Interoperability testing is an important technique to ensure the quality of implementations of network communication protocol. In the next generation Internet protocol, real-time applications should be supported effec...Interoperability testing is an important technique to ensure the quality of implementations of network communication protocol. In the next generation Internet protocol, real-time applications should be supported effectively. However, time constraints were not considered in the related studies of protocol interoperability testing, so existing interoperability testing methods are difficult to be applied in real-time protocol interoperability testing. In this paper, a formal method to real-time protocol interoperability testing is proposed. Firstly, a formal model CMpTIOA (communicating multi-port timed input output automata) is defined to specify the system under test (SUT) in real-time protocol interoperability testing; based on this model, timed interoperability relation is then defined. In order to check this relation, a test generation method is presented to generate a parameterized test behavior tree from SUT model; a mechanism of executability pre-determination is also integrated in the test generation method to alleviate state space explosion problem to some extent. The proposed theory and method are then applied in interoperability testing of IPv6 neighbor discovery protocol to show the feasibility of this method.展开更多
We present a method of generating test cases from the software specifications which are modeled by nondeterministic finite state machines. It is applicable to both nondeterministic and deterministic finite state mach...We present a method of generating test cases from the software specifications which are modeled by nondeterministic finite state machines. It is applicable to both nondeterministic and deterministic finite state machines. When applied to deterministic machines, this method yields usually smaller test suites with full fault coverage than the existing methods that also assure full fault coverage. In particular, the proposed mehod can be used to test the control portion of software specified in the formalspecification languages SDL or ESTELLE.展开更多
文摘Globally, traditional power systems are rapidly transforming towards the adoption of smart grid platforms. Substations which are at the center of the electric power transformation from the power plant are changing to IEC 61850 based digital substations. Therefore, within substation, there is a growing demand for the IEC 61850 based Intelligent Electronic Devices (IEDs). The operation of multiple manufacturers of IEDs in a single digital substation network increases the need for IEC 61850 communications specification conformance diagnosis to ensure interoperability for efficient data exchange between IEDs. The IEC 61850-10 presents test items for diagnosing communication specification conformance. There are many test tools available in the market today to test the compliance of the IEC 61850 communications specifications to the IED. In this paper, we propose a model-based diagnostic method for IED communication conformance testing. The proposed model-based software therefore uses the “drag and drop” technique to select the various IEC 61850 communication services (objects) required to design the test case in a user friendly Graphical User Interface (GUI). This makes the service conformance testing more flexible for test engineers and system integrators especially in situations that require test case modifications. Also, the proposed software tool makes it easy to understand the various IEC 61850 services using the friendly GUI.
文摘In this paper, we conduct research on the computer network protocol test model based on genetic and random walk algorithm.Network protocol is the abstract concept, is important in the process of the development of network system. Fully understand and grasp of thenetwork protocols for managers is there is a big diffi cult. Network covert channel is the evaluation of intrusion detection system and fi rewallsecurity performance of an important means, the paper will start from the angle of the attacker, the fl aws of the research, and use this kind ofdefect to realize network covert channel, the random walk algorithm will be feasible for dealing with this issue. For achieving this, we integratethe genetic and random walk algorithm for systematic optimization.
文摘Addressing the issues of high redundancy,poor targeting,and low efficiency in the fuzzy testing process of application-layer network protocols,NetFuzz,a novel multi-objective fuzzy testing tool based on a classification tree was introduced in this paper. NetFuzz utilizes a four-tiered classification tree protocol description method for application-layer network protocols,encompassing the protocol under test,its functions,specific commands,parameters,and variant markers. A multi-objective optimization model is designed to enhance the coverage,validity,and diversity of test cases,with a genetic algorithm employed to generate these cases. The tool is evaluated by testing file transfer protocol( FTP) and hypertext transfer protocol( HTTP) servers with known vulnerabilities,comparing its performance against the Peach fuzzing tool. NetFuzz can effectively detect security vulnerabilities that Peach Fuzzer tool failed to identify. While ensuring the detection of vulnerabilities,the testing time is reduced by approximately 58%,and the number of valid test cases increases by 47. 67%.
基金supported by the National Key R&D Program of China(No.2016YFB0800700)
文摘Network protocols are divided into stateless and stateful. Stateful network protocols have complex communication interactions and state transitions. However, the existing network protocol fuzzing does not support state transitions very well. This paper focuses on this issue and proposes the Semi-valid Fuzzing for the Stateful Network Protocol (SFSNP). The SFSNP analyzes protocol interactions and builds an extended finite state machine with a path marker for the network protocol; then it obtains test sequences of the extended finite state machine, and further performs the mutation operation using the semi-valid algorithm for each state transition in the test sequences; finally, it obtains fuzzing sequences. Moreover, because different test sequences may have the same state transitions, the SFSNP uses the state transition marking algorithm to reduce redundant test cases. By using the stateful rule tree of the protocol, the SFSNP extracts the constraints in the protocol specifications to construct semi-valid fuzz testing cases within the sub-protocol domain, and finally forms fuzzing sequences. Experimental results indicate that the SFSNP is reasonably effective at reducing the quantity of generated test cases and improving the quality of fuzz testing cases. The SFSNP can reduce redundancy and shorten testing time.
基金supported by the Key Project of National Defense Basic Research Program of China (No.B1120132031)supported by the Cultivation and Development Program for Technology Innovation Base of Beijing Municipal Science and Technology Commission (No.Z151100001615034)
文摘To improve the efficiency and coverage of stateful network protocol fuzzing, this paper proposes a new method, using a rule-based state machine and a stateful rule tree to guide the generation of fuzz testing data. The method first builds a rule-based state machine model as a formal description of the states of a network protocol. This removes safety paths, to cut down the scale of the state space. Then it uses a stateful rule tree to describe the relationship between states and messages, and then remove useless items from it. According to the message sequence obtained by the analysis of paths using the stateful rule tree and the protocol specification, an abstract data model of test case generation is defined. The fuzz testing data is produced by various generation algorithms through filling data in the fields of the data model. Using the rule-based state machine and the stateful rule tree, the quantity of test data can be reduced. Experimental results indicate that our method can discover the same vulnerabilities as traditional approaches, using less test data, while optimizing test data generation and improving test efficiency.
文摘This paper describes the ISUP (ISDN User Part of CCSS7) conformance testing theory and method according to CCITT and China national standards, and presents a successful ISUP protocol conformance testing system in detail.
基金the National Natural Science Foundation of China (No. 60572082)
文摘The session initiation protocol (SIP) is a signaling protocol for Internet telephony, multimedia conferencing, presence, event notification, and instant messaging. With the gaining popularity, more and more SIP implementations have been developed and deployed. How to guarantee the conformance of those SIP implementations is the key point of interconnection and interoperation among them. This paper proposes the test method and architecture for the SIP protocol based on the IPv6 tester system. Tree and tabular combined notation (TTCN-2) is adopted to describe the test suite. With an enhanced reference implementation, the data-processing ability to the original test system has been greatly improved. In the following test practices, some errors have been found in the SIP entities under test. It is proved that the proposed test method and architecture are effective to verify the conformance of the SIP entities, and the result of the conformance test may provide helpful reference to the development of SIP products.
基金Sponsored by Natural Sclence Foundation of China.
文摘Formal methods for test sequence generation from FSM have been studied widely andthoroughly,but most real communication systems can only be modeled as EFSM exactly.Data portion in EFSM brings difficulties for test suite generation.In this paper,the strategyof generating test suite from protocols modelled as EFSM is presented.This strategy consid-ers testing of both the control portion and data portion of protocols.A software,the testsuite generation system(TSGS)based on above strategy,is introduced.
文摘This paper rejuvenates the notion of conformance testing in order to assess the security of networks. It leverages the Testing and Test Control Notation Version 3 (TTCN-3) by applying it to a redefined notion of <i>System under Test</i> (<i>SUT</i>). Instead of testing, as it is classically done, a software/firmware/ hardware element, an intangible object, namely the network, is tested in order to infer some of its security properties. After a brief introduction of TTCN-3 and Titan, its compilation and execution environment, a couple of use cases are provided to illustrate the feasibility of the approach. The pros and cons of using TTCN-3 to implement a scalable and flexible network testing environment are discussed.
基金Project(05JT1035) supported by the Science and Technology Plan of Hunan Province
文摘A new model of event and message driven Petri network(EMDPN) based on the characteristic of class interaction for messages passing between two objects was extended. Using EMDPN interaction graph, a class hierarchical test-case generation algorithm with cooperated paths (copaths) was proposed, which can be used to solve the problems resulting from the class inheritance mechanism encountered in object-oriented software testing such as oracle, message transfer errors, and unreachable statement. Finally, the testing sufficiency was analyzed with the ordered sequence testing criterion(OSC). The results indicate that the test cases stemmed from newly proposed automatic algorithm of copaths generation satisfies synchronization message sequences testing criteria, therefore the proposed new algorithm of copaths generation has a good coverage rate.
基金the National Basic Research Program of China (973 Program) (Grant No. 2003CB314801)the National Natural Science Foundation of China (Grant No. 60572082)
文摘Interoperability testing is an important technique to ensure the quality of implementations of network communication protocol. In the next generation Internet protocol, real-time applications should be supported effectively. However, time constraints were not considered in the related studies of protocol interoperability testing, so existing interoperability testing methods are difficult to be applied in real-time protocol interoperability testing. In this paper, a formal method to real-time protocol interoperability testing is proposed. Firstly, a formal model CMpTIOA (communicating multi-port timed input output automata) is defined to specify the system under test (SUT) in real-time protocol interoperability testing; based on this model, timed interoperability relation is then defined. In order to check this relation, a test generation method is presented to generate a parameterized test behavior tree from SUT model; a mechanism of executability pre-determination is also integrated in the test generation method to alleviate state space explosion problem to some extent. The proposed theory and method are then applied in interoperability testing of IPv6 neighbor discovery protocol to show the feasibility of this method.
文摘We present a method of generating test cases from the software specifications which are modeled by nondeterministic finite state machines. It is applicable to both nondeterministic and deterministic finite state machines. When applied to deterministic machines, this method yields usually smaller test suites with full fault coverage than the existing methods that also assure full fault coverage. In particular, the proposed mehod can be used to test the control portion of software specified in the formalspecification languages SDL or ESTELLE.
