Secure communication in networks is an indispensable prerequisite for further digitization in business and society. Security protocols play a central role in this. Security Protocol Interaction Testing (SPLIT) contributes to increasing the security of protocols by developing and applying new test methods. In particular, model-based testing and combinatorial testing are used.
International research cooperation
Together with SBA Research, which led the project, and other scientific partners (Graz University of Technology and the University of Texas at Arlington), OBJENTIS as an industrial partner ensured the practical relevance and transfer possibilities of this research. The goal of the project was to develop automation-supported test methods for analyzing security protocols that are also suitable for verifying the secure implementation of the protocols.
“Security protocols are communication protocols that guarantee security properties by
defined rules and cryptographic methods. (…) (However) even if security protocols are perfectly designed, backdoors can be proposed during the implementation of the protocols, paving the way for potential attackers to commit security breaches. The SPLIT project addresses this important security issue and proposes several models and algorithms to automatically check the security of the corresponding protocol implementations and detect the injected backdoors.”
Source: SPLIT: Security Protocol Interaction Testing in Practice, by Dimitris E. Simos (SBA Research), published on 11/07/2016.
A group of mathematicians and specialists in software testing and security addressed this challenge in this research project, laying the groundwork and proving the applicability of interaction testing to security protocols.