A formal approach to robustness testing of network protocol

Abstract

Robustness testing of network protocol aims to detect vulnerabilities of protocol specifications and implementations under critical conditions. However, related theory is not well developed and prevalent test practices have deficiencies. This paper builds a novel NPEFSM model containing sufficient inputs and their processing rules to formalize complex protocol. Based on this model, Normal-Verification Sequence is proposed to enhance verdict mechanism. We adopt various strategies to generate anomalous values for some fields of messages and further apply pairwise combination to systematically mutate messages. We propose compound anomalous test case to simplify test sequences and give its generation algorithm. Standard test specification language TTCN-3 is extended to describe compound anomalous test cases. As a case study, we test OSPFv2 sufficiently with a test system based on extended TTCN-3. Our method and test system can effectively discover vulnerabilities of protocol implementations as well as their inconsistencies with specifications. © 2008 Springer Berlin Heidelberg.