Security vulnerabilities tests generation from SysML and event-B models for EMV cards

Abstract

The Model Based Testing (MBT) is an original approach where test cases are automatically generated from the specifications of the system under tests. These specifications take the form of a behavioral model allowing the test generator to determine, on the one hand, the possible and relevant execution contexts. On the other hand, to predict the effects of these executions on the system. This paper proposes new methodology to generate vulnerability test cases based on SysML model of Europay-Mastercard and Visa (EMV) specifications. Our main aim is to ensure that not only the features described by the EMV specifications are met, but also that there is no vulnerability in the system. To meet these two objectives, we automatically generated concrete tests basing on SysML models. Indeed, this paper highlights the importance of modeling EMV specifications. We opted for the choice of SysML modeling language due to its ability to model Embedded Systems through several types of diagrams. In our work we used state machine diagram to generate vulnerability test cases for a secure and robust system. © 2014 SERSC.