Model-based Security Testing Using UMLsec. A Case Study

  • Jürjens J
  • 27


    Mendeley users who have this article in their library.
  • 30


    Citations of this article.


Designing and implementing security-critical systems correctly is very difficult. In practice, most vulnerabilities arise from bugs in implementations. We present work towards systematic specification-based testing of security-critical systems based on UMLsec models. We show how to systematically generate test sequences for security properties based on the model that can be used to test the implementation for vulnerabilities. We explain our method at the example of a part of the Common Electronic Purse Specifications (CEPS), a candidate for an international electronic purse standard. © 2008 Elsevier B.V. All rights reserved.

Author-supplied keywords

  • Model-based Testing
  • Security
  • UML
  • UMLsec

Get free article suggestions today

Mendeley saves you time finding and organizing research

Sign up here
Already have an account ?Sign in

Find this document


  • Jan Jürjens

Cite this document

Choose a citation style from the tabs below

Save time finding and organizing research with Mendeley

Sign up for free