https://www.mdu.se/

mdu.sePublications
EnglishSvenskaNorsk
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Learning single and compound-protocol automata and checking behavioral equivalences
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems. AVL List GmbH, Graz, Austria.ORCID iD: 0000-0001-8556-1541
AVL DiTEST GmbH, Graz, Austria.
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.ORCID iD: 0000-0001-7586-0409
2025 (English)In: International Journal on Software Tools for Technology Transfer, ISSN 1433-2779, E-ISSN 1433-2787Article in journal (Refereed) Published
Abstract [en]

This paper presents a method and a practical implementation that complements traditional conformance testing. We infer a Mealy state machine of the system-under-test using active automata learning. This automaton is checked for bisimulation with a specification automaton modeled after the standard, which provides a strong verdict of conformance or nonconformance. We further present a method to learn models of multiple communication protocols running on the same device using a dispatcher system in conjunction with the same automata learning algorithms. We subsequently use similar checking methods to compare it with separately learned models. This allows for determining whether there is some interference or interaction between those protocols. In the practical execution of the system, we concentrate on lower levels of the Near-Field Communication (NFC, ISO/IEC 14443-3) and the Bluetooth Low-Energy (BLE) protocols. As a by-product, we share some observations of the performance of different learning algorithms and calibrations in the specific setting of ISO/IEC 14443-3, which is the difficulty to learn models of systems that a) consist of two very similar structures and b) timeout very frequently, as well as the role of conformance testing for compound models and speed optimizations for time-sensitive protocols.
Place, publisher, year, edition, pages
Springer Nature , 2025.
Keywords [en]
NFC, BLE, Automata learning, Protocol compliance, Bisimulation, Formal methods
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:mdh:diva-71287DOI: 10.1007/s10009-025-00797-yISI: 001467011100001Scopus ID: 2-s2.0-105003122578OAI: oai:DiVA.org:mdh-71287DiVA, id: diva2:1955497
Available from: 2025-04-30 Created: 2025-04-30 Last updated: 2025-10-10Bibliographically approved
In thesis
1. Formal Methods-based Security Testing Utilizing Threat Modeling, Automata Learning, and Model Checking
Open this publication in new window or tab >>Formal Methods-based Security Testing Utilizing Threat Modeling, Automata Learning, and Model Checking
2025 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

This thesis strives towards finding more efficient methods of automating security test case generation, which are currently in a state of infancy for automotive systems, in both white and, especially, black box settings. The thesis focuses on communication protocols used in vehicular systems and we base our research on formal methods. The rationale is their rigor, as they are based on sound logical principles, and their potential for efficiency gains, since formally defined systems can be more easily analyzed algorithmically and, therefore, tested automatically. Our contributions include:

• Methods for deriving automata: 

  • We provide a method to automatically obtain behavioral models in the form of state machines of communication protocol implementations in real-world settings using automata learning.   
  • We demonstrate a method to derive compound protocol state machines, i.e., state machines representing systems that communicate via more than one protocol at the same time

• Methods for checking automata:   

  • We provide a means to automatically check these state machines for their compliance with a specification (e.g., from a standard, like ISO/IEC 14443-3). 
  • We provide a scheme, Context-based Proposition Maps (CPMs), to aug    ment the state machines with propositions (i.e., attributes that can be checked).   
  • We define generic Linear Temporal Logic (LTL)-based properties to recognize cybersecurity-related specification violations.   
  • We provide a method to model-check inferred state machines utilizing the Rebeca modeling language providing a formally defined template.

• Methods to facilitate test case generation: 

  • We present a technique to automatically derive test cases to demonstrate deviations identified in a state machine on the actual system.   
  • We also present a method to create abstract cybersecurity test-case specifications from semi-formal threat models using attack trees.   
  • We provide a method for utilizing Large Language Models (LLMs) to derive test cases from threat models and inferred state machines.   
  • We present a method utilizing LLMs to derive security properties from threat models to model-check implemented state machines, determining the consistency of designs’ threat models and implementations’ state machines.
Place, publisher, year, edition, pages
Västerås: Mälardalens universitet, 2025
Series
Mälardalen University Press Dissertations, ISSN 1651-4238 ; 445
Keywords
Cybersecurity, Formal Methods, Model Checking, Threat Modeling, Testing, Verification
National Category
Security, Privacy and Cryptography
Research subject
Computer Science
Identifiers
urn:nbn:se:mdh:diva-73534 (URN)978-91-7485-726-9 (ISBN)
Public defence
2025-11-28, Kappa, Mälardalens universitet, Västerås, 10:00 (English)
Opponent
Supervisors
Available from: 2025-10-03 Created: 2025-10-03 Last updated: 2025-11-07Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Marksteiner, StefanSirjani, MarjanSjödin, Mikael

Search in DiVA

By author/editor
Marksteiner, StefanSirjani, MarjanSjödin, Mikael
By organisation
Embedded Systems
In the same journal
International Journal on Software Tools for Technology Transfer
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 107 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.47.0
|
WCAG
|
Mälardalen University Library
|
DiVA Log in