InSTA 2016

The development of test suites using standardized test languages like TTCN-3 and UTP starts with an analysis of the external interfaces towards the system under test (SUT). Large and complex SUTs often require a distributed test system architecture that have to consider the test objectives and the introduction of multiple parallel test system components. The decomposition of a test system needs to be discussed and decided at the very beginning of the test development process. This presentation introduces different approaches from industrial test suite development projects and provides experiences with abstract test system architecture issues (e.g. synchronization, logging and maintenance).

Biography:
Axel Rennoch is computer scientists at the Fraunhofer Institute for Open Communication Systems in Berlin. As a member of the System Quality Center he is involved / responsible for validation and testing projects on next generation networks and software technologies. His experiences address the application of Formal Description Techniques (e.g. LOTOS, SDL) and test notations (e.g. ADL, TTCN, UTP), as well as the development and execution of industrial test solutions. During this work he contributed to several national and international standardization groups (e.g. DIN, ISO, ATM-Forum, OMG, ETSI). For further information see http://s.fhg.de/axelrennoch .

Because software developers are not necessarily security experts, identifying potential threats and vulnerabilities in the early stage of the development process is often insufficient. Even if these issues are addressed at an early stage, it does not guarantee that the final software product actually satisfies security requirements. To realize secure design and implementation, we propose extended security patterns, which include requirement- and design-level patterns as well as a new model testing and model-based code testing process. Our approach is implemented in a tool called TESEM, Test Driven Secure Modeling Tool, which supports pattern applications by creating a script to execute model testing automatically (ARES'13, IJSSE'14, ICST'15). Moreover we recently extended the tool to support testing of security design patterns implementation by preparing testcase templates (ARES'14). By using the tool, developers can specify threats and vulnerabilities in the target design and implementation according to security design patterns, verify whether the security patterns are properly applied, and assesses whether these vulnerabilities are resolved.

Biography:
Hironori Washizaki is head and associate professor at Global Software Engineering Laboratory, Waseda University, Japan. He also works at National Institute of Informatics (NII) as visiting associate professor, and at SYSTEM INFORMATION CO.,LTD. as outside director. In 2015 he was visiting professor at Ecole Polytechnique de Montreal. His research interests include software design, reuse, quality assurance and education. He has served as a workshop co-chair of ASE'06, publicity chair of APSEC'07, ASE'12, CSEE&T'15 and BICT'15, Asia liaison of SEKE'10-16, program chair of SPAQu'07-09 and AsisanPLoP'10, general chair of AsianPLoP'11,'14-16, organizer of MAPLE/SCALE'13, and local chair of SPLC'13. He is on editorial board for several journals including IJSEKE, IEICE and JSSST Computer Software. He is currently chair of IEEE CS Japan Chapter, chair of SEMAT Japan Chapter, director of SamurAI Coding, and Convenor of ISO/IEC /JTC1/SC7/WG20. He is appointed as program co-chair of ICST'17 Tokyo. http://www.washi.cs.waseda.ac.jp/?page_id=2