TESEM: A tool for verifying security design pattern applications by model testing

Takanori Kobashi, Masatoshi Yoshizawa, Hironori Washizaki, Yoshiaki Fukazawa, Nobukazu Yoshioka, Takano Okubo, Haruhiko Kaiya

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Citations (Scopus)

Abstract

Because software developers are not necessarily security experts, identifying potential threats and vulnerabilities in the early stage of the development process (e.g., the requirement- or design-phase) is insufficient. Even if these issues are addressed at an early stage, it does not guarantee that the final software product actually satisfies security requirements. To realize secure designs, we propose extended security patterns, which include requirement-and design-level patterns as well as a new model testing process. Our approach is implemented in a tool called TESEM (Test Driven Secure Modeling Tool), which supports pattern applications by creating a script to execute model testing automatically. During an early development stage, the developer specifies threats and vulnerabilities in the target system, and then TESEM verifies whether the security patterns are properly applied and assesses whether these vulnerabilities are resolved.

Original languageEnglish
Title of host publication2015 IEEE 8th International Conference on Software Testing, Verification and Validation, ICST 2015 - Proceedings
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9781479971251
DOIs
Publication statusPublished - 2015 May 5
Event8th IEEE International Conference on Software Testing, Verification and Validation, ICST 2015 - Graz, Austria
Duration: 2015 Apr 132015 Apr 17

Publication series

Name2015 IEEE 8th International Conference on Software Testing, Verification and Validation, ICST 2015 - Proceedings

Other

Other8th IEEE International Conference on Software Testing, Verification and Validation, ICST 2015
CountryAustria
CityGraz
Period15/4/1315/4/17

Keywords

  • Component
  • Model Testing
  • Security Patterns
  • Test-Driven Development
  • UML

ASJC Scopus subject areas

  • Software

Fingerprint Dive into the research topics of 'TESEM: A tool for verifying security design pattern applications by model testing'. Together they form a unique fingerprint.

  • Cite this

    Kobashi, T., Yoshizawa, M., Washizaki, H., Fukazawa, Y., Yoshioka, N., Okubo, T., & Kaiya, H. (2015). TESEM: A tool for verifying security design pattern applications by model testing. In 2015 IEEE 8th International Conference on Software Testing, Verification and Validation, ICST 2015 - Proceedings [7102633] (2015 IEEE 8th International Conference on Software Testing, Verification and Validation, ICST 2015 - Proceedings). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICST.2015.7102633