ITEQS 2020
Sat 24 Oct 2020 Porto, Portugal
co-located with ICST 2020
Sat 24 Oct 2020 11:30 - 12:00 at São João - Session II Chair(s): Eduard Paul Enoiu

Industrial products, like vehicles and trains, integrate embedded systems implementing diverse and complicated functionalities. Such functionalities are programmable by software and contain a multitude of parameters necessary for their configuration, which have been increasing due to the market diversification and customer demand. In addition, industrial products are often built by aggregating different software parts (components), constituting thus product variants. Product variants with such variability need to be tested adequately, in particular if one is concerned with security vulnerabilities. While efficient automated testing approaches already exist, such as fuzzing, no tool is able to use results from previous testing campaigns to increase the efficiency of security testing the next product variant that shares certain functionalities. This paper presents an approach that can ignore already covered functionalities by previous tests and give more importance to blocks of code that have yet to be checked. The benefit is to avoid repeating unnecessary work, hence increasing the speed and the coverage in the new variant. The approach was implemented in a tool based on the AFL fuzzer and was validated with a set of programs of different versions. The experimental results show that the tool can perform better than AFL in our testing scenario.

Sat 24 Oct

Displayed time zone: Lisbon change

11:00 - 12:30
Session IIITEQS 2020 at São João
Chair(s): Eduard Paul Enoiu Mälardalen University

ITEQS 2020 is held as a virtual workshop via Zoom. Contact iteqs2020@easychair.org for the details.

11:00
30m
Full-paper
Prioritizing Scenarios based on STAMP/STPA Using Statistical Model Checking
ITEQS 2020
Mitsuaki Tsuji Nara Institute of Science and Technology, Toshinori Takai Nara Institute of Science and Technology, Kazuki Kakimoto Nara Institute of Science and Technology, Naoki Ishihama Japan Aerospace Exploration Agency, Masafumi Katahira Japan Aerospace Exploration Agency, Hajimu Iida Nara Institute of Science and Technology
Link to publication DOI
11:30
30m
Full-paper
Generating Tests for the Discovery of Security Flaws in Product Variants
ITEQS 2020
Francisco Araújo LASIGE, Faculdade de Ciências da Universidade de Lisboa, Ibéria Medeiros LaSIGE, Faculdade de Ciências da Universidade de Lisboa, Nuno Neves DI FC UL
Link to publication DOI
12:00
30m
Full-paper
Test Data Generation for False Data Injection Attack Testing in Air Traffic Surveillance *Best Paper*
ITEQS 2020
Aymeric Cretin Femto-ST Institute, Alexandre Vernotte Femto-ST Institute, Antoine Chevrot Femto-ST Institute, Fabien Peureux Institut FEMTO-ST (UMR CNRS 6174) and Smartesting S&S, Bruno Legeard FEMTO-ST / DISC
Link to publication DOI