A. V. Nikeshin, V. Z. Shnitman, “Conformance testing of extensible authentication protocol implementations”, Proceedings of ISP RAS, 2018, Volume 30, Issue 6,Pages <nobr>89

This article is cited in 4 papers

Conformance testing of extensible authentication protocol implementations

A. V. Nikeshin^a, V. Z. Shnitman^ba

^a Ivannikov Institute for System Programming of the Russian Academy of Sciences
^b Moscow Institute of Physics and Technology (State University)

Abstract: The paper presents a model-based approach to conformance testing of Extensible Authentication Protocol (EAP) implementations. Conformance testing is the basic tool to ensure interoperability between implementations of a protocol. Using UniTESK technology allows automating the verification of network protocols based on their formal models. Additional applying of mutation testing allows evaluating the robustness of the implementations to receive incorrect packets. We applied the test suite to several implementations of EAP and present brief results. This approach has proved to be effective in finding several critical vulnerabilities and other specification deviations in the EAP implementations.

Keywords: testing, verification, formal methods, formal specifications, model-based testing, security, authentication, access control, EAP, EAP methods, UniTESK, mutation testing.

DOI: 10.15514/ISPRAS-2018-30(6)-5