https://www.mdu.se/

mdu.sePublications
EnglishSvenskaNorsk
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Black-Box Protocol Testing Using Rebeca and Automata Learning
AVL List Gmbh, Graz, Austria.
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.ORCID iD: 0000-0001-7586-0409
2025 (English)In: Lecture Notes in Computer Science, Springer Nature , 2025, Vol. 15560 LNCS, p. 212-235Chapter in book (Other academic)
Abstract [en]

Industrial and critical infrastructure devices should be scrutinized with rigorous methods for inconsistencies with a specification. At the same time, this specification should also be correct, otherwise the specification conformance is of little value. On the example of eMRTDs (electronic Machine-Readable Travel Documents) we demonstrate an approach that combines model-checking a specification for correctness in terms of security with learning an implementation model using automata learning. Once the specification is modeled, we automatically mine a model of the implementation and check the model for compliance with the verified specification using simulation and trace preorder. Underspecification of the standard is in this setting modeled as non-deterministic behavior, so one of the possibilities has to simulate the implementation in order for the latter to be compliant. We also present a working tool chain realizing this method. When adopting the tool chain accordingly, the method might be used in practice for checking the correctness of any reactive system. 
Place, publisher, year, edition, pages
Springer Nature , 2025. Vol. 15560 LNCS, p. 212-235
Series
Lecture Notes in Computer Science, ISSN 03029743
Keywords [en]
Afra, Automata Learning, Compliance Checking, eMRTD, Formal Methods, Model Checking, NFC, Rebeca, Adversarial machine learning, Automata theory, Black-box testing, Federated learning, Formal specification, Automaton learning, Black boxes, Electronic machine-readable travel document, Machine readable travel documents, Models checking, Protocol testing, Rebecum
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:mdh:diva-70996DOI: 10.1007/978-3-031-85134-6_10Scopus ID: 2-s2.0-105001385156ISBN: 9789819698936 (print)OAI: oai:DiVA.org:mdh-70996DiVA, id: diva2:1950951
Available from: 2025-04-09 Created: 2025-04-09 Last updated: 2026-02-09Bibliographically approved
In thesis
1. Formal Methods-based Security Testing Utilizing Threat Modeling, Automata Learning, and Model Checking
Open this publication in new window or tab >>Formal Methods-based Security Testing Utilizing Threat Modeling, Automata Learning, and Model Checking
2025 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

This thesis strives towards finding more efficient methods of automating security test case generation, which are currently in a state of infancy for automotive systems, in both white and, especially, black box settings. The thesis focuses on communication protocols used in vehicular systems and we base our research on formal methods. The rationale is their rigor, as they are based on sound logical principles, and their potential for efficiency gains, since formally defined systems can be more easily analyzed algorithmically and, therefore, tested automatically. Our contributions include:

• Methods for deriving automata: 

  • We provide a method to automatically obtain behavioral models in the form of state machines of communication protocol implementations in real-world settings using automata learning.   
  • We demonstrate a method to derive compound protocol state machines, i.e., state machines representing systems that communicate via more than one protocol at the same time

• Methods for checking automata:   

  • We provide a means to automatically check these state machines for their compliance with a specification (e.g., from a standard, like ISO/IEC 14443-3). 
  • We provide a scheme, Context-based Proposition Maps (CPMs), to aug    ment the state machines with propositions (i.e., attributes that can be checked).   
  • We define generic Linear Temporal Logic (LTL)-based properties to recognize cybersecurity-related specification violations.   
  • We provide a method to model-check inferred state machines utilizing the Rebeca modeling language providing a formally defined template.

• Methods to facilitate test case generation: 

  • We present a technique to automatically derive test cases to demonstrate deviations identified in a state machine on the actual system.   
  • We also present a method to create abstract cybersecurity test-case specifications from semi-formal threat models using attack trees.   
  • We provide a method for utilizing Large Language Models (LLMs) to derive test cases from threat models and inferred state machines.   
  • We present a method utilizing LLMs to derive security properties from threat models to model-check implemented state machines, determining the consistency of designs’ threat models and implementations’ state machines.
Place, publisher, year, edition, pages
Västerås: Mälardalens universitet, 2025
Series
Mälardalen University Press Dissertations, ISSN 1651-4238 ; 445
Keywords
Cybersecurity, Formal Methods, Model Checking, Threat Modeling, Testing, Verification
National Category
Security, Privacy and Cryptography
Research subject
Computer Science
Identifiers
urn:nbn:se:mdh:diva-73534 (URN)978-91-7485-726-9 (ISBN)
Public defence
2025-11-28, Kappa, Mälardalens universitet, Västerås, 10:00 (English)
Opponent
Supervisors
Available from: 2025-10-03 Created: 2025-10-03 Last updated: 2025-11-07Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Sjödin, Mikael

Search in DiVA

By author/editor
Sjödin, Mikael
By organisation
Embedded Systems
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 132 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.47.0
|
WCAG
|
Mälardalen University Library
|
DiVA Log in