Mounir Lallali

Timed Modeling of Web Services Composition for Automatic Testing

This paper presents the modeling of BPEL (timed) constructs by using a new formalism WS-TEFSM (Web Service Timed Extended Finite State Machine). A formal mapping of all BPEL constructs is proposed as well as a model that corresponds to the BPEL Web services composition. The WS-TEFSM formalism allows to deal with timing constraints, data variables, clocks and priority on transitions. To perform the transformation, we define a renaming function and an asynchronous product of all partial machine corresponding to the BPEL process sub-activities. This model is enriched by the addition of priorities on transitions, which permit to handle the termination of the BPEL process and its sub-activities, and by global variables, which are used in the management of events and faults. This transformation step is essential to ensure the test of Web services. A rigorous approach is crucial as we have to deal with complex systems that manage distribution, low-coupled nature and asynchronous behaviors.

Applying formal methods to PCEP: an industrial case study from modeling to test generation

This paper presents the experimental results in applying formal methods to an industrial protocol for constraint‐based path computation, called Path Computation Element Communication Protocol (PCEP). The experiments include a number of major activities in model‐based testing from modeling to test generation. From the PCEP specification defined by IETF (Internet Engineering Task Force), the functionalities of PCEP are divided into two parts: application and protocol. The protocol part of PCEP is then described in the IF (Intermediate Format) language which is based on communicating timed automata. A number of basic requirements are identified from the PCEP specification and then described as properties in IF. Based on these properties, the validation and verification of the formal specification are carried out using the IF toolset. Test cases are generated using an automatic test generation tool, called TestGen‐IF, which uses partial state space exploration guided by test purposes. As a result, some errors and ambiguities have been found in the PCEP standard specification. Copyright

Model-Based Attack Tolerance

Software-based systems are nowadays complex and highly distributed. In contrast, existing intrusion detection mechanisms are not always suitable for protecting these systems against new and sophisticated attacks that increasingly appear. In this paper, we present a new generic approach that combines monitoring and formal methods in order to ensure attack-tolerance at a high level of abstraction. Our experiments on an authentication Web application show that this method is effective and realistic to tolerate a variety of attacks.

Modeling and Validation of a Mixed-Criticality NoC Router Using the IF Language

In Mixed-Criticality Systems (MCS), high-critical real-time and low-critical real-time applications share the same hardware platform. Today MCS must also be implementable on NoC-based architectures. Those applications exchange messages with different timing requirements through the same network. Sharing resources between flows in a NoC can lead to unpredictable latencies and subsequently complicate the implementation of MCS in many-core architectures. A solution is that NoC routers provide guarantees for high-critical communications with a minimum impact on performances for low-critical communications. We propose a new router called DAS, which exhibits such properties to support MCS applications. Moreover we introduce the first formal verification of the MCS properties of a NoC-router. We detail a formal specification of the DAS router, with the IF language, in order to verify its ability to support MCS applications. We also describe the validation approach of this specification based on those properties and using the IF toolset.

A component based testing technique for a MANET routing protocol

This paper deals with the crucial challenging issue of testing the conformance of the MANET routing protocols. Indeed, because of the inherent constraints of such networks such as a dynamic topology, to formally test these protocols becomes a tough problem. Most of the studies taking into account a formal model of the protocol is faced to the combinatorial state space explosion issue when deploying and analyzing that model. In our work we present how to cope with that problem by drawing inspiration of the model-checker research domain and an integration of a component-based testing algorithm dedicated to the automatic generation of OLSR test sequences from a formal model written in Promela.

Modeling and testing secure web applications

In modern networks, the heterogeneity and the increasing distribution of applications, such as telecommunication protocols,Web-based systems and real-time systems, make security management complex. These applications are more and more open and rely on networking parts of computer systems that generally make use of different solutions. In the context of the deployment of such applications and services, the security officials are led to empirically bring security solutions together. The consistency of these assemblies is difficult to achieve. Nowadays, many security features are available. We can cite for instance cryptographic protocols, management infrastructures of public keys (PKI), firewalls, control access mechanisms within operating systems and applications, intrusion detection systems or anti-viral mechanisms etc.

Modeling and Testing SecureWeb Applications

In modern networks, the heterogeneity and the increasing distribution of applications, such as telecommunication protocols,Web-based systems and real-time systems, make security management complex. These applications are more and more open and rely on networking parts of computer systems that generally make use of different solutions. In the context of the deployment of such applications and services, the security officials are led to empirically bring security solutions together. The consistency of these assemblies is difficult to achieve. Nowadays, many security features are available. We can cite for instance cryptographic protocols, management infrastructures of public keys (PKI), firewalls, control access mechanisms within operating systems and applications, intrusion detection systems or anti-viral mechanisms etc.

How Web Services Can Be Tolerant to Intruders through Diversification

The efforts and findings of the last decades of research on the formalization and the verification of Web services have given a certain level of assurance on Web services. However new challenges such as high availability and security issues are not fully addressed. In fact, Web services are exposed to attacks that appear continuously. These issues have naturally paved the way to a new research topic that aims at providing new techniques for making Web services attack tolerant. In this paper, we present a state of the art of attack tolerance, especially for Web services. We also present our approach to address such issues through a combination of techniques leveraging in particular diversification. The paper ends with our promising results and a discussion to highlight the perspectives and research direction.

An Attack-Tolerant Framework for Web Services

Web services which allow the interoperability and communication of heterogeneous systems in the Web through Internet protocols, are also subject to attacks a well as destructive as sophisticated. Contrariwise, very few solutions exist to ensure the availability of Web services in the presence of these attacks. In order to tackle these issues, we propose a comprehensive and complete attack-tolerance methodology whose characteristics are: i) upstream detection of attacks before their propagation, ii) a failover system to mitigate the effects of the attack and, iii) an active reconfiguration process to mitigate attacks that are not easy or impossible to detect by monitoring. Our approach will leverage and explore, in particular, monitoring, diversity and software engineering techniques for devising a fine-grained attack-tolerance system. We conducted preliminary experiments with an e-health Web service, which is a simplified version of a case study of the European project CLARUS.