https://www.mdu.se/

mdu.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Using Automata Learning for Compliance Evaluation of Communication Protocols on an NFC Handshake Example
AVL List Gmbh, Graz, Austria.
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.ORCID iD: 0000-0001-7586-0409
2024 (English)In: Lecture Notes in Computer Science, Springer Science and Business Media Deutschland GmbH , 2024, p. 170-190Conference paper, Published paper (Refereed)
Abstract [en]

Near-Field Communication (NFC) is a widely adopted standard for embedded low-power devices in very close proximity. In order to ensure a correct system, it has to comply to the ISO/IEC 14443 standard. This paper concentrates on the low-level part of the protocol (ISO/IEC 14443-3) and presents a method and a practical implementation that complements traditional conformance testing. We infer a Mealy state machine of the system-under-test using active automata learning. This automaton is checked for bisimulation with a specification automaton modelled after the standard, which provides a strong verdict of conformance or non-conformance. As a by-product, we share some observations of the performance of different learning algorithms and calibrations in the specific setting of ISO/IEC 14443-3, which is the difficulty to learn models of system that a) consist of two very similar structures and b) very frequently give no answer (i.e. a timeout as an output).

Place, publisher, year, edition, pages
Springer Science and Business Media Deutschland GmbH , 2024. p. 170-190
Series
Lecture Notes in Computer Science, ISSN 0302-9743 ; 14390 LNCS
Keywords [en]
Automata Learning, Bisimulation, Formal Methods, NFC, Protocol Compliance, Automata theory, ISO Standards, Learning algorithms, Learning systems, Near field communication, Automaton learning, Bisimulations, Close proximity, Communications protocols, Compliance evaluations, Conformance testing, ISO/IEC-14443, Low-power devices, Near-field communication
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:mdh:diva-65246DOI: 10.1007/978-3-031-49252-5_13Scopus ID: 2-s2.0-85180149916ISBN: 9783031492518 (print)OAI: oai:DiVA.org:mdh-65246DiVA, id: diva2:1823987
Conference
8th International Conference on Engineering of Computer-Based Systems, ECBS 2023, Västerås, 16 October 2023 through 18 October 2023
Available from: 2024-01-03 Created: 2024-01-03 Last updated: 2024-03-01Bibliographically approved
In thesis
1. Model-Driven Security Test Case Generation Using Threat Modeling and Automata Learning
Open this publication in new window or tab >>Model-Driven Security Test Case Generation Using Threat Modeling and Automata Learning
2024 (English)Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

Automotive systems are not only becoming more open through developments like advanced driving assistance functions, autonomous driving, vehicle-to-everything communication and software-defined vehicle functionality, but also more complex. At the same time, technology from standard IT systems become frequently adopted in this setting. These developments have two negative effects on correctness and security: the rising complexity adds potential flaws and vulnerabilities while the increased openness expands attack surfaces and entry points for adversaries. To provide more secure systems, the amount of verifying system security through testing has to be significantly increased, which is also a requirement by international regulation and standards. Due to long supply chains and non-disclosure policies, verification methods often have to operate in a black box setting. This thesis strives therefore towards finding more efficient methods of automating test case generation in both white and black box scenarios. The focus lies on communication protocols used in vehicular systems. The main approaches used are model-based methods. We provide a practical method to automatically obtain behavioral models in the form of state machines of communication protocol implementations in real-world settings using automata learning. We also provide a means to automatically check these implementation models for their compliance with a specification (e.g., from a standard). We furthermore present a technique to automatically derive test-cases to point out found deviations on the actual system.We also present a method to create abstract cybersecurity test case specifications from semi-formal threat models using attack trees. 

Place, publisher, year, edition, pages
Västerås: Mälardalen University, 2024
Series
Mälardalen University Press Licentiate Theses, ISSN 1651-9256 ; 355
National Category
Computer and Information Sciences Computer Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:mdh:diva-66165 (URN)978-91-7485-638-5 (ISBN)
Presentation
2024-04-25, U2-024 och via Teams, Mälardalens universitet, Västerås, 10:00 (English)
Opponent
Supervisors
Available from: 2024-03-04 Created: 2024-03-01 Last updated: 2024-04-04Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Sirjani, MarjanSjödin, Mikael

Search in DiVA

By author/editor
Marksteiner, S.Sirjani, MarjanSjödin, Mikael
By organisation
Embedded Systems
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 60 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf