Gesellschaft für Informatik e.V.

Lecture Notes in Informatics

Modellierung 2010 P-161, 195-202 (2010).

Gesellschaft für Informatik, Bonn

Copyright © Gesellschaft für Informatik, Bonn


Security testing by telling teststories

Michael Felderer , Berthold Agreiter , Ruth Breu and Alvaro Armenteros


Security testing is very important to assure a certain level of reliability in a system. On the system level, security testing has to guarantee that security requirements such as confidentiality, integrity, authentication, authorization, availability and non-repudiation hold. In this paper, we present an approach to system level security testing of service oriented systems that evaluates security requirements. Our approach is based on the Telling TestStories methodology for model-driven system testing. After the elicitation of security requirements, we define a system and a test model. The test model is then transformed to executable test code. We show how traceability between all artifacts can be established and how the tests can be executed focusing on security relevant aspects. All steps are explained based on an industrial case study.

Full Text: PDF

Gesellschaft für Informatik, Bonn
ISBN 978-3-88579-255-0

Last changed 04.10.2013 18:30:33