Security Threat Identification and Testing

•

1 like•293 views

Business applications are more and more collaborative (cross-domains, cross-devices, service composition). Security shall focus on the overall application scenario including the interplay between its entities/devices/services, not only on the isolated systems within it. In this paper we propose the Security Threat Identification And TEsting (STIATE) toolkit to support development teams toward security assessment of their under-development applications focusing on subtle security logic flaws that may go undetected by using current industrial technology. At design-time, STIATE supports the development teams toward threat modeling and analysis by identifying automatically potential threats (via model checking and mutation techniques) on top of sequence diagrams enriched with security annotations (including {whatif} conditions). At run-time, STIATE supports the development teams toward testing by exploiting the identified threats to automatically generate and execute test-cases on the up and running application. We demonstrate the usage of the STIATE toolkit on an application scenario employing the SAML Single Sign-On multi-party protocol, a well-known industrial security standard largely studied in previous literature.

Roberto Carbone, Security & Trust, FBK
Luca Compagna, SAP France Lab
Annibale Panichella, Delft University of Technology
Serena Elisa Ponta, SAP France Lab
 
Security Threat
Identiﬁcation and Testing

• Automated security analysis techniques can systematically
explore and test the behaviour of the system running in a
hostile environment.
• Informal specification ! Formal specification
• Formal verification ! Test Case Generation
• Formal specification ! Real Implementation
Goal: Bring them to the market!
Motivation and Goals

Formal Veriﬁcation
Formal Model +
Security Property
Attack
Not Found
Model Checker
Attack
Found
Test
Execution
Engine
Adapter
Test
Case

Formal Veriﬁcation
Formal Model +
Security Property
Attack
Not Found
Model Checker
Attack
Found
Test
Execution
Engine
Adapter
Test
Case
Formal Model
vs.
Informal Model

Formal Models: ASLan++
ASLan++
Sequence Diagram
• Easy to understand
• Few details
• Not useful for formal analysis
• Input of the model checker (SATMC)
• Many details
• More complex to write

STIATE toolkit: Architecture
Front-end: add-in for
Enterprise Modelling
Tools (Power Designer).
Sequence Diagram
(Informal Model)
Security Annotations
(XMI files)
SATMC: model checker
for the formal analysis
XMI Translator:
converts XMI files in
formal Models (ASLan)
Test Case Execution
Mutation: mutation
testing for formal
models

Scenario: SAML-SSO
SAML 2.0 Web Browser Single Sign-On Proﬁle:
- SAML-based SSO for Google App
- Novell Access Manager
- SimpleSAMLphp by UNINETT

Scenario: SAML-SSO
SAML 2.0 Web Browser Single Sign-On Proﬁle:
- SAML-based SSO for Google App
- Novell Access Manager
- SimpleSAMLphp by UNINETT
Vulnerabilities due to
wrong design choice
A. Armando, R. Carbone, L.
Compagna,
“LTL Model Chencking for
Security Protocols”
Computer Security Foundation , 2007
Design vs.
Implementation
A. Armando, R. Carbone, L.
Compagna, J. Cueller, F.
Pellegrino, , “An authentication ﬂaw
in browser-based Single Sign-On
protocols: Impact and remediations”
Computer & Security, 2013

• SATMC reduces the security problem to propositional satisfiability problem
(SAT)
• Why SAT?
Dramatic speed-up of SAT solvers: problems with thousands of variables are
now solved routinely in milliseconds.
STIATE toolkit: SATMC
Satisfiable
formula
Unsatisfiable
formula

STIATE toolkit: SATMC
ASLan++ v. 1ASLan++ v. 0
SATMC SATMC
Attack
Not Found
Attack
Found

STIATE toolkit: SATMC
ASLan++ v. 1
SATMC
Attack
Found
Vulnerabilities due to
wrong design choice
A. Armando, R. Carbone, L.
Compagna,
“LTL Model Chencking for
Security Protocols”
Computer Security Foundation , 2007

STIATE toolkit: SATMC
ASLan++ v. 0
SATMC
Attack
Not Found
Let us to suppose that the model
checker does not found any
attack trace, i.e., the model is
secure
Can we guarantee that its
implementation is still secure?

Speciﬁcation vs. Implementation
Specification Real Implementation
The implementation may deviate from the specification. Thus, even if the
theoretical specification is secure, its corresponding implementation may be not
secure because of implementation mistakes.

Speciﬁcation vs. Implementation
There are many widespread and critical errors that can lead to serious
vulnerabilities in software. A classification of the top most common errors can be
found in http://cwe.mitre.org/top25/index.html#Listing

STIATE toolkit: Mutation
Injecting vulnerabilities in the model to see if
such vulnerabilities could lead to an attack that
violates one security properties.
Mutating the ASLan++ specification by
injecting vulnerabilities that mirror
common implementation flaws.

STIATE toolkit: MutationSTIATE toolkit: Mutation
Original Model

STIATE toolkit: MutationSTIATE toolkit: Mutation
Original Model Mutated Model

STIATE toolkit: Mutation
Mutated Model
SATMC
Attack
Found
Design vs.
Implementation
A. Armando, R. Carbone, L.
Compagna, J. Cueller, F.
Pellegrino, , “An authentication ﬂaw
in browser-based Single Sign-On
protocols: Impact and remediations”
Computer & Security, 2013

This document discusses various techniques for improving application security, including detecting vulnerabilities through code review, static analysis, and symbolic execution. It also discusses preventing vulnerabilities through code and binary rewriting and sandboxing. Finally, it discusses proving security through formal methods like model checking and theorem proving. Symbolic execution is described as a technique that symbolically executes a program to build constraints that can then be solved to generate new test inputs. Fuzzgrind is presented as a tool that uses symbolic execution and constraint solving to act as an efficient fuzzer.

A new Test Tool in SAP Circuit Diagram for Code: SAP ABAP Test Seams Moose2Model

ESUG

This document discusses SAP ABAP Test Seams, a technique for unit testing code with external dependencies. It introduces Moose2Model, a tool that generates circuit diagrams from code to help developers understand software structure. The document recommends Test Seams as they allow testing to be added more easily and separated from production code with minimal risk. Moose2Model is presented as an automation tool that can create and update diagrams fast, reducing cognitive load during coding.

Case Study: Automated Code Reviews In A Grown SAP Application Landscape At EW...

Virtual Forge

Markus Theilen, IT Development coordinator at EWE, talks about his experience and approach to the introduction of Virtual Forge CodeProfiler in the application development of easy+ easy+ is a 100% custom-developed application system of EWE based on SAP ERP 6.0, which includes the components of meter reading, accounting, invoicing and claims management, market communication and reporting / controlling for energy services of the EWE Group.

Tetra Ppt 6604 Edited

mamach4

BUSTED! How to Find Security Bugs Fast!

Parasoft

This presentation explores how busting software bugs does more than ensure the reliability and performance of your software—it helps ensure application security. Topics covered include: How AppSec processes are really quality processes How software bugs are really security vulnerabilities How to apply coding standards as part of a continuous testing process to prevent defects from affecting the safety, security, and reliability of your applications

Scaling security in a cloud environment v0.5 (Sep 2017)

Dinis Cruz

This document summarizes a presentation on scaling security in cloud environments. The key points are: 1. Testing and automation are essential for scaling security in the cloud. All aspects of the cloud environment, from provisioning to deployment to scaling, need to be tested. 2. Performance tests should be run daily, including during high-volume periods, to test the behavior of the system under different loads. Quality assurance tests can serve as good performance tests when executed in random order. 3. Automated scaling is a powerful feature of the cloud but autoscaling rules and behaviors also need to be tested to ensure they work as expected under different conditions.

Zero-bug Software, Mathematically Guaranteed

Ashley Zupkus

The Automation Firehose: Be Strategic and Tactical by Thomas Haver

QA or the Highway

The document discusses strategies for automating software testing. It emphasizes taking a risk-based approach to determine what to automate based on factors like frequency of use, complexity, and legal risk. The document provides recommendations for test automation best practices like treating automated test code like development code, using frameworks and tools to standardize coding practices, and prioritizing unit and integration testing over UI testing. It also discusses challenges that can arise with test automation like flaky tests, long test execution times, and keeping automation in sync with changing software. Metrics for measuring the effectiveness of test automation are presented, like test coverage, defect findings and trends, and time savings.

The document discusses challenges for incorporating security practices into agile development and proposes a "Security Toolbox" to help development teams identify and mitigate security risks through the use of accepted security knowledge bases and guidance mapped to specific architectural elements. The toolbox is intended to minimize "Security Debt" by predicting security issues upfront and providing acceptance tests and estimates to integrate security into sprint planning and product backlogs. An example is provided of how the toolbox could be applied to help three development teams implement a secure online comment system.

Proving the Security of Low-Level Software Components & TEEs

Ashley Zupkus

Static Analysis Security Testing for Dummies... and You

Kevin Fealey

Most enterprise application security teams have at least one Static Analysis Security Testing (SAST) tool in their tool-belt; but for many, the tool never leaves the belt. SAST tools have gotten a reputation for being slow, error-prone, and difficult to use; and out of the box, many of them are – but with a little more knowledge behind how these tools are designed, a SAST tool can be a valuable part of any security program. In this talk, we’ll help you understand the strengths and weaknesses of SAST tools by illustrating how they trace your code for vulnerabilities. You’ll see out-of-the-box rules for commercial and open-source SAST tools, and learn how to write custom rules for the widely-used open source SAST tool, PMD. We’ll explain the value of customizing tools for your organization; and you’ll learn how to integrate SAST technologies into your existing build and deployment pipelines. Lastly, we’ll describe many of the common challenges organizations face when deploying a new security tool to security or development teams, as well as some helpful hints to resolve these issues

4 florin coada - dast automation, more value for less work

Ievgenii Katsan

Qualifying a high performance memory subsysten for Functional Safety

Pankaj Singh

Addressing the Challenges of Safety verification for LPDDR4. ✓Avoid traditional approach of starting functional safety after functional verification : Iterative and expensive development phase 1. Functional Safety Need to be Architected and not added later. 2. Safety Analysis must start prior to implementation. ‘Design for safety/verification’ 3. Reuse & Synergize : Nominal and Functional Safety Verification. ✓Fault optimization with formal and other techniques is necessary to overcome challenges with scaling simulation and analysis. ✓Integrated push button fault simulation flow is need of hour and saves verification engineers time. ✓Analog defect modelling and coverage can be performed based on IEEE P2427.

Security Testing: Myths, Challenges, and Opportunities - Experiences in Integ...

Achim D. Brucker

Security testing is an important part of any security development lifecycle (SDL) and, thus, should be a part of any software (development) lifecycle. Still, security testing is often understood as an activity done by security testers in the time between "end of development'" and "offering the product to customers.'" On the one hand, learning from traditional testing that the fixing of bugs is the more costly the later it is done in development, security testing should be integrated into the daily development activities. On the other hand, developing software for the cloud and offering software in the cloud raises the need for security testing in a "close-to-production" or even production environment. Consequently, we need an end-to-end integration of security testing into the software lifecycle. In this talk, we will report on our experiences on integrating security testing ``end-to-end'' into SAP's software development lifecycle in general and, in particular, SAP's Secure Software Development Lifecycle (S2DL). Moreover, we will discuss different myths, challenges, and opportunities in the are security testing.

Work Portfolio

Amit Prabhudesai

This document provides a summary of Amit Prabhudesai's work portfolio. It outlines his educational background and work experience in image processing and computer vision. It then describes several projects he has worked on, including human detection using Adaboost for surveillance video, optimizing a Lane Departure Warning system for a Texas Instruments DSP, developing video analytics software for retail store customer counting and queue detection, and an Automatic Fingerprint Identification System. It also lists some relevant trainings and mentorship activities.

Shift Left Security

BATbern

The presentation focuses on the responsibilities, practices, processes, tools, and techniques that systematically increase security in the software development lifecycle (SSDLC). Software should be provisioned uniformly declarative regardless of whether software artifacts are produced in-house or purchased. This is the foundation for effective quality and security standardization, which are key facilitators of reliability engineering.

How to assess the risks in your SAP systems at the push of a button

Virtual Forge

This presentation was held by Stephen Lamy, Virtual Forge, at the Basis & SAP Administration 2015 Conference in Las Vegas, March 2015. Stephen Lamy explained important elements of crucial testing included in a risk assessment of SAP system configurations and custom (and third-party) ABAP code. What strategies exist for identifying the types of testing to perform as well as ensuring SAP systems remain safe and secure through the building of automated processes. Key Takeaways: - Why automated risk assessments can benefit you in a cost-effective way - How to ensure security and compliance without losing quality in SAP systems and applications - How to lower the risk of vulnerabilities by implementing a code or system scanning solution to test for security, compliance and quality

Lessons Learned in Software Development: QA Infrastructure – Maintaining Rob...

Cωνσtantίnoς Giannoulis

The document discusses lessons learned in building robust QA infrastructure for commercial software. Key points include: 1) QA infrastructure is as important as the application itself and must be developed in parallel, not as an afterthought. QA and development teams should work closely together. 2) The build, source control, and test systems form an integrated distributed infrastructure that should allow development and testing from any location. 3) Tests should be written to easily grow over time, from simple unit tests to complex tests that export application states. An automated continuous testing system is critical.

Parasoft .TEST, Write better C# Code Using Data Flow Analysis

Engineering Software Lab

Data flow analysis is a type of static code analysis that examines how values are propagated through a program. It is more effective than pattern matching or regular static analysis at finding defects related to interactions between methods and classes that may be difficult to uncover through testing alone. Static analysis tools using data flow analysis can simulate execution paths to detect potential issues without requiring the code to be compiled and run. Developers are encouraged to use static testing tools to catch defects early in development, as prevention of bugs is more efficient than finding and fixing them later.

The computer says no v2

Matteo Emili

GNUCITIZEN Dwk Owasp Day September 2007

guest20ab09

The document discusses challenges with automated web application security testing tools and introduces the Technika Security Framework as a potential solution. It notes that over 90% of applications have vulnerabilities and most attacks now target the client-side. Automated tools have limitations around business logic, custom URLs, and false positives/negatives. A hybrid approach combining automated scanning and manual testing is suggested. The Technika Framework includes tools like a DOM spider, form parser, and mini-Nikto for automated scanning within a browser environment.

Bypassing Secure Boot using Fault Injection

Riscure

The Fault Injection attack surface of Secure Boot implementations is determined by the specifics of their design and implementation. Using a generic Secure Boot design we detail multiple vulnerabilities (~10) using examples in source code, disassembly and hardware. We will determine what the impact is of the target's design on its Fault Injection attack surface: from high-level architecture to low-level implementation details. Research originally presented in November 2016 at BlackHat Europe.

SAP Security & Compliance Audits. Find your vulnerabilities before you get hu...

akquinet enterprise solutions GmbH

The document summarizes the process and benefits of conducting an SAP security and compliance audit using the SAST SUITE tool. The audit focuses on authorization management, system configuration, and ABAP development/customizing. SAST SUITE comprehensively checks over 4,000 system settings and authorization rules. It generates a detailed report highlighting vulnerabilities and recommendations for remediation. On average, SAST SUITE can complete an audit in half the time required for a manual audit, reducing the resource burden on audited departments.

Building an application security program

Outpost24

With 73% of all cyber attacks happening on web applications* last year, there’s little doubt application layers and web-related attacks pose a significant risk to most organizations. However typical investment to protect common attack targets (content management systems and ecommerce platforms) don’t correspond. This webinar examines the growth of applications in enterprise architecture and the risks associated with agile development, plus expert advice and real world examples on how to scope and build an successful application security program that will maximize coverage and optimize your limited resource

Application Security in an Agile World - Agile Singapore 2016

Stefan Streichsbier

This document discusses application security in an agile development world. It begins with a brief history of application security and defines it as a quality aspect that contributes to business success like user experience and performance. Application security was traditionally handled by network teams but is now the responsibility of developers. The document advocates for adopting a DevSecOps approach where security is integrated into the development process through activities like threat modeling, design reviews, security testing, and monitoring. This allows catching issues earlier in the development cycle when they are cheaper to fix. The document provides examples of how to incorporate security into agile frameworks like Scrum.

#DOAW16 - DevOps@work Roma 2016 - Testing your databases

Alessandro Alpi

Introduction to Parasoft C++TEST

Engineering Software Lab

Introduction to Chaos Engineering

Raymond Adrian (Rad) Butalid

MIP Award presentation at the IEEE International Conference on Software Analy...

Annibale Panichella

Presentation for the Most Influential Paper (MIP) award at the IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER) 2024 Abstract: Existing defect prediction models use product or process metrics and machine learning methods to identify defect- prone source code entities. Different classifiers (e.g., linear regression, logistic regression, or classification trees) have been investigated in the last decade. The results achieved so far are sometimes contrasting and do not show a clear winner. In this paper we present an empirical study aiming at statistically analyzing the equivalence of different defect predictors. We also propose a combined approach, coined as CODEP (COmbined DEfect Predictor), that employs the classification provided by different machine learning techniques to improve the detection of defect-prone entities. The study was conducted on 10 open source software systems and in the context of cross-project defect prediction, that represents one of the main challenges in the defect prediction field. The statistical analysis of the results indicates that the investigated classifiers are not equivalent and they can complement each other. This is also confirmed by the superior prediction accuracy achieved by CODEP when compared to stand-alone defect predictors.

Breaking the Silence: the Threats of Using LLMs in Software Engineering

Annibale Panichella

Presentation of our work presented at ICSE 2024 (NIER track) in Lisbon Abstract: Large Language Models (LLMs) have gained considerable traction within the Software Engineering (SE) community, impacting various SE tasks from code completion to test generation, from program repair to code summarization. Despite their promise, researchers must still be careful as numerous intricate factors can influence the outcomes of experiments involving LLMs. This paper initiates an open discussion on potential threats to the validity of LLM-based research including issues such as closed-source models, possible data leakage between LLM training data and research evaluation, and the reproducibility of LLM-based findings. In response, this paper proposes a set of guidelines tailored for SE researchers and Language Model (LM) providers to mitigate these concerns. The implications of the guidelines are illustrated using existing good practices followed by LLM providers and a practical example for SE researchers in the context of test case generation.

Similar to Security Threat Identification and Testing

Matthew Coles - Izar Tarandach - Security Toolbox

Source Conference

Proving the Security of Low-Level Software Components & TEEs

Ashley Zupkus

Static Analysis Security Testing for Dummies... and You

Kevin Fealey

4 florin coada - dast automation, more value for less work

Ievgenii Katsan

Qualifying a high performance memory subsysten for Functional Safety

Pankaj Singh

Security Testing: Myths, Challenges, and Opportunities - Experiences in Integ...

Achim D. Brucker

Work Portfolio

Amit Prabhudesai

Shift Left Security

BATbern

How to assess the risks in your SAP systems at the push of a button

Virtual Forge

Lessons Learned in Software Development: QA Infrastructure – Maintaining Rob...

Cωνσtantίnoς Giannoulis

Parasoft .TEST, Write better C# Code Using Data Flow Analysis

Engineering Software Lab

The computer says no v2

Matteo Emili

GNUCITIZEN Dwk Owasp Day September 2007

guest20ab09

Bypassing Secure Boot using Fault Injection

Riscure

SAP Security & Compliance Audits. Find your vulnerabilities before you get hu...

akquinet enterprise solutions GmbH

Building an application security program

Outpost24

Application Security in an Agile World - Agile Singapore 2016

Stefan Streichsbier

#DOAW16 - DevOps@work Roma 2016 - Testing your databases

Alessandro Alpi

Introduction to Parasoft C++TEST

Engineering Software Lab

Introduction to Chaos Engineering

Raymond Adrian (Rad) Butalid

Similar to Security Threat Identification and Testing (20)

Matthew Coles - Izar Tarandach - Security Toolbox

Proving the Security of Low-Level Software Components & TEEs

Static Analysis Security Testing for Dummies... and You

4 florin coada - dast automation, more value for less work

Qualifying a high performance memory subsysten for Functional Safety

Security Testing: Myths, Challenges, and Opportunities - Experiences in Integ...

Work Portfolio

Shift Left Security

How to assess the risks in your SAP systems at the push of a button

Lessons Learned in Software Development: QA Infrastructure – Maintaining Rob...

Parasoft .TEST, Write better C# Code Using Data Flow Analysis

The computer says no v2

GNUCITIZEN Dwk Owasp Day September 2007

Bypassing Secure Boot using Fault Injection

SAP Security & Compliance Audits. Find your vulnerabilities before you get hu...

Building an application security program

Application Security in an Agile World - Agile Singapore 2016

#DOAW16 - DevOps@work Roma 2016 - Testing your databases

Introduction to Parasoft C++TEST

Introduction to Chaos Engineering

More from Annibale Panichella

MIP Award presentation at the IEEE International Conference on Software Analy...

Annibale Panichella

Breaking the Silence: the Threats of Using LLMs in Software Engineering

Annibale Panichella

Searching for Quality: Genetic Algorithms and Metamorphic Testing for Softwar...

Annibale Panichella

More machine learning (ML) models are introduced to the field of Software Engineering (SE) and reached a stage of maturity to be considered for real-world use; But the real world is complex, and testing these models lacks often in explainability, feasibility and computational capacities. Existing research introduced meta-morphic testing to gain additional insights and certainty about the model, by applying semantic-preserving changes to input-data while observing model-output. As this is currently done at random places, it can lead to potentially unrealistic datapoints and high computational costs. With this work, we introduce genetic search as an aid for metamorphic testing in SE ML. Exploiting the delta in output as a fitness function, the evolutionary intelligence optimizes the transformations to produce higher deltas with less changes. We perform a case study minimizing F1 and MRR for Code2Vec on a representative sample from java-small with both genetic and random search. Our results show that within the same amount of time, genetic search was able to achieve a decrease of 10% in F1 while random search produced 3% drop.

A Fast Multi-objective Evolutionary Approach for Designing Large-Scale Optica...

Annibale Panichella

Spatial mode division de-multiplexing of optical signals has many real-world applications, such as quantum computing and both classical and quantum optical communication. In this context, it is crucial to develop devices able to efficiently sort optical signals according to the optical mode they belong to and route them on different paths. Depending on the mode selected, this problem can be very hard to tackle. Recently, researchers have proposed using multi-objective evolutionary algorithms (MOEAs) ---and NSGA-II in particular--- combined with Linkage Learning (LL) to automate the process of design mode sorter. However, given the very large-search scale of the problem, the existing evolutionary-based solutions have a very slow convergence rate. In this paper, we proposed a novel approach for mode sorter design that combines (1) stochastic linkage learning, (2) the adaptive geometry estimation-based MOEA (AGE-MOEA-II), and (3) an adaptive mutation operator. Our experiments with two- and three-objectives (beams) show that our approach is faster (better convergence rate) and produces better mode sorters (closer to the ideal solutions) than the state-of-the-art approach. A direct comparison with the vanilla NSGA-II and AGE-MOEA-II also further confirms the importance of adopting LL in this domain.

An Improved Pareto Front Modeling Algorithm for Large-scale Many-Objective Op...

Annibale Panichella

A key idea in many-objective optimization is to approximate the optimal Pareto front using a set of representative non-dominated solutions. The produced solution set should be close to the optimal front (convergence) and well-diversified (diversity). Recent studies have shown that measuring both convergence and diversity depends on the shape (or curvature) of the Pareto front. In recent years, researchers have proposed evolutionary algorithms that model the shape of the non-dominated front to define environmental selection strategies that adapt to the underlying geometry. This paper proposes a novel method for non-dominated front modeling using the Newton-Raphson iterative method for roots finding. Second, we compute the distance (diversity) between each pair of non-dominated solutions using geodesics, which are generalizations of the distance on Riemann manifolds (curved topological spaces). We have introduced an evolutionary algorithm within the Adaptive Geometry Estimation based MOEA (AGE-MOEA) framework, which we called AGE-MOEA-II. Computational experiments with 17 problems from the WFG and SMOP benchmarks show that AGE-MOEA-II outperforms its predecessor AGE-MOEA as well as other state-of-the-art many-objective algorithms, ie, NSGA-III, MOEA/D, VaEA, and LMEA.

VST2022.pdf

Annibale Panichella

Keynote at the 5th Workshop on Validation, Analysis, and Evolution of Software Tests (VST 2022) Website: https://rramler.github.io/vst2022/ Abstract: Nowadays, Artificial intelligence (AI) plays a critical role in automating different human-intensive tasks, including software engineering tasks. Since the late 70s, researchers have proposed automated techniques to automatically generate test data (fuzzing) or test suites (test suite generation). Proposed techniques span from simple heuristics to more advanced AI-based techniques and evolutionary intelligence in particular. While recent studies have shown that these techniques achieve high coverage and find bugs, generated tests can be hard to understand and maintain. This talk will provide an overview and reflection on state-of-the-art techniques, open challenges, and research opportunities towards more accessible tests that are easy to integrate within the DevOps cycle. To this aim, the talk will cover relevant application domains, including "traditional" software and emerging cyber-physical systems.

IPA Fall Days 2019

Annibale Panichella

This presentation describes the results published in the following paper published in the Journal INFORMATION AND SOFTWARE TECHNOLOGY TITLE: A Large Scale Empirical Comparison of State-of-the-art Search-based Test Case Generators AUTHORS: Annibale Panichella, Fitsum Kifetew, Paolo Tonella ABSTRACT: Context: Replication studies and experiments form an important foundation in advancing scientific research. While their prevalence in Software Engineering is increasing, there is still more to be done. Objective: This article aims to extend our previous replication study on search-based test generation techniques by performing a large-scale empirical comparison with further techniques from state of the art. Method: We designed a comprehensive experimental study involving six techniques, a benchmark composed of 180 non-trivial Java classes, and a total of 21,600 independent executions. Metrics regarding the effectiveness and efficiency of the techniques were collected and analyzed by means of statistical methods. Results: Our empirical study shows that single-target approaches are generally outperformed by multi-target approaches, while within the multi-target approaches, DynaMOSA/MOSA, which are based on many-objective optimization, outperform the others, in particular for complex classes. Conclusion: The results obtained from our large-scale empirical investigation con rm what has been reported in previous studies, while also highlighting striking differences and novel observations. Future studies, on different benchmarks and considering additional techniques, could further reinforce and extend our findings.

An Adaptive Evolutionary Algorithm based on Non-Euclidean Geometry for Many-O...

Annibale Panichella

In the last decade, several evolutionary algorithms have been proposed in the literature for solving multi- and many-objective optimization problems. The performance of such algorithms depends on their capability to produce a well-diversified front (diversity) that is as closer to the Pareto optimal front as possible (proximity). Diversity and proximity strongly depend on the geometry of the Pareto front, i.e., whether it forms a Euclidean, spherical or hyperbolic hypersurface. However, existing multi- and many-objective evolutionary algorithms show poor versatility on different geometries. To address this issue, we propose a novel evolutionary algorithm that: (1) estimates the geometry of the generated front using a fast procedure with O(M × N) computational complexity (M is the number of objectives and N is the population size); (2) adapts the diversity and proximity metrics accordingly. Therefore, to form the population for the next generation, solutions are selected based on their contribution to the diversity and proximity of the non-dominated front with regards to the estimated geometry. Computational experiments show that the proposed algorithm outperforms state-of-the-art multi and many-objective evolutionary algorithms on benchmark test problems with different geometries and number of objectives (M=3,5, and 10).

Speeding-up Software Testing With Computational Intelligence

Annibale Panichella

Software testing is a crucial activity to assess the correct behavior of a program. However, it is also costly since it consumes a large ratio of software development time. For this reason, researchers have investigated techniques to automate the process of creating test cases. The key idea is to use meta-heuristics (e.g., Genetic Algorithms) to automatically generate test cases that reveal software failures. In this talk, I will present a case study in the automotive and showing the larger effectiveness and efficiency of meta-heuristics compared to manual testing.

Incremental Control Dependency Frontier Exploration for Many-Criteria Test C...

Annibale Panichella

The presentation was given at the 10th International Symposium on Seach-Based Software Engineering (SSBSE 2018) Abstract: Several criteria have been proposed over the years for measuring test suite adequacy. Each criterion can be converted into a specific objective function to optimize with search-based techniques in an attempt to generate test suites achieving the highest possible coverage for that criterion. Recent work has tried to optimize for multiple-criteria at once by constructing a single objective function obtained as a weighted sum of the objective functions of the respective criteria. However, this solution suffers the problem of sum scalarization, i.e., differences along the various dimensions being optimized get lost when such dimensions are projected into a single value. Recent advances in SBST formulated coverage as a many-objective optimization problem rather than applying sum scalarization. Starting from this formulation, in this work, we apply many-objective test generation that handles multiple adequacy criteria simultaneously. To scale the approach to the big number of objectives to be optimized at the same time, we adopt an incremental strategy, where only coverage targets in the control dependency frontier are considered until the frontier is expanded by covering a previously uncovered target.

Sbst2018 contest2018

Annibale Panichella

We report on the advances in this sixth edition of the JUnit tool competitions. This year the contest introduces new benchmarks to assess the performance of JUnit testing tools on different types of real-world software projects. Following on the statistical analyses from the past contest work, we have extended it with the performance of the combined tool aiming to beat the human-made tests. Overall, the 6th competition evaluates four automated JUnit testing tools taking as baseline human written test cases for the selected benchmark projects. The paper details the modications performed to the methodology and provides full results of the competition.

Java Unit Testing Tool Competition — Fifth Round

Annibale Panichella

The document summarizes the 5th round of a Java unit testing tool competition. It describes the infrastructure used, including modifications to work with libraries not in DEFECT4J and a new tool to detect flaky tests. 69 classes across 8 projects were used as benchmarks. The results showed EvoSuite performed best overall based on generated test coverage, effectiveness on real and mutated code, and test quality metrics. Statistical analysis confirmed EvoSuite was better than the other 3 participating tools. Lessons included benefits of statistical analysis and selecting non-trivial test classes.

ICSE 2017 - Evocrash

Annibale Panichella

To reduce the effort developers have to make for crash debugging, researchers have proposed several solutions for automatic failure reproduction. Recent advances proposed the usage of symbolic execution, mutation analysis and directed model checking as underling techniques for post-failure analysis of crash stack traces. However, existing approaches still cannot reproduce many real-world crashes due to various limitations, such as environment dependencies, path explosion, and time complexity. In this paper, we present EvoCrash, a post-failure approach which uses a novel Guided Genetic Algorithm (GGA) to cope with the large search space characterizing real-world software programs, and thereby address major challenges in automated crash replication. Results of an empirical study on three open-source systems show that EvoCrash can successfully replicate 33 (66%) of real-world crashes, thereby outperforming the three cutting-edge crash replication techniques.

Evolutionary Testing for Crash Reproduction

Annibale Panichella

Manual crash reproduction is a labor-intensive and timeconsuming task. Therefore, several solutions have been proposed in literature for automatic crash reproduction, including generating unit tests via symbolic execution and mutation analysis. However, various limitations adversely a ect the capabilities of the existing solutions in covering a wider range of crashes because generating helpful tests that trigger speci c execution paths is particularly challenging. In this paper, we propose a new solution for automatic crash reproduction based on evolutionary unit test generation techniques. The proposed solution exploits crash data from collected stack traces to guide search-based algorithms toward the generation of unit test cases that can reproduce the original crashes. Results from our preliminary study on real crashes from Apache Commons libraries show that our solution can successfully reproduce crashes which are not reproducible by two other state-of-art techniques.

Parameterizing and Assembling IR-based Solutions for SE Tasks using Genetic A...

Annibale Panichella

This document proposes using genetic algorithms to parameterize and assemble information retrieval (IR)-based solutions for software engineering tasks. The goal is to find an optimal configuration of IR parameters like term extraction, stopword removal, weighting, and distance functions. The approach evaluates different IR configurations based on how well they cluster related documents, as measured by silhouette coefficient. Empirical tests on traceability recovery and duplicate bug detection tasks show this "GA-IR" approach finds configurations comparable to ideal ones and outperforming baselines. The clustering hypothesis - that better document clusters correlate with better IR performance - is also supported.

Reformulating Branch Coverage as a Many-Objective Optimization Problem

Annibale Panichella

Test data generation has been extensively investigated as a search problem, where the search goal is to maximize the number of covered program elements (e.g., branches). Recently, the whole suite approach, which combines the fitness functions of single branches into an aggregate, test suite-level fitness, has been demonstrated to be superior to the traditional single-branch at a time approach. In this paper, we propose to consider branch coverage directly as a many-objective optimization problem, instead of aggregating multiple objectives into a single value, as in the whole suite approach. Since programs may have hundreds of branches (objectives), traditional many-objective algorithms that are designed for numerical optimization problems with less than 15 objectives are not applicable. Hence, we introduce a novel highly scalable many-objective genetic algorithm, called MOSA (Many-Objective Sorting Algorithm), suitably defined for the many-objective branch coverage problem. Results achieved on 64 Java classes indicate that the proposed many-objective algorithm is significantly more effective and more efficient than the whole suite approach. In particular, effectiveness (coverage) was significantly improved in 66% of the subjects and efficiency (search budget consumed) was improved in 62% of the subjects on which effectiveness remains the same.

Results for EvoSuite-MOSA at the Third Unit Testing Tool Competition

Annibale Panichella

The document describes MOSA, a new many-objective sorting algorithm for test case prioritization and generation. MOSA reformulates branch coverage as a multi-objective optimization problem by defining an objective function for each branch. It then uses a genetic algorithm and preference criterion to iteratively generate test cases that optimize coverage of multiple branches at once. MOSA was implemented in the Evosuite-MOSA tool and achieved competitive results in the Third Unit Testing Tool Competition, requiring less time than other high-scoring tools to achieve similar coverage levels. However, Evosuite-MOSA also encountered some crashes and limitations when handling certain classes in the competition benchmark.

Adaptive User Feedback for IR-based Traceability Recovery

Annibale Panichella

Traceability recovery allows software engineers to understand the interconnections among software artefacts and, thus, it provides an important support to software maintenance activities. In the last decade, Information Retrieval (IR) has been widely adopted as core technology of semi-automatic tools to extract traceability links between artefacts according to their textual information. However, a widely known problem of IR-based methods is that some artefacts may share more words with non-related artefacts than with related ones. To overcome this problem, enhancing strategies have been proposed in literature. One of these strategies is relevance feedback, which allows to modify the textual similarity according to information about links classified by the users. Even though this technique is widely used for natural language documents, previous work has demonstrated that relevance feedback is not always useful for software artefacts. In this paper, we propose an adaptive version of relevance feedback that, unlike the standard version, considers the characteristics of both (i) the software artefacts and (ii) the previously classified links for deciding whether and how to apply the feedback. An empirical evaluation conducted on three systems suggests that the adaptive relevance feedback outperforms both a pure IR-based method and the standard feedback.

Diversity mechanisms for evolutionary populations in Search-Based Software En...

Annibale Panichella

This document discusses mechanisms for maintaining diversity in evolutionary algorithms. It begins by explaining the importance of balancing exploration and exploitation. Several techniques for preserving diversity are then presented, including modifying genetic operators, changing the objective function, and applying statistical methods. Empirical evaluations demonstrate how diversity mechanisms can improve performance in search-based software engineering problems like test data generation and test suite optimization, which often suffer from premature convergence and getting stuck in local optima due to loss of diversity. Parameter tuning techniques like adjusting the mutation rate and niching methods like fitness sharing are also described as ways to explicitly promote diversity.

Estimating the Evolution Direction of Populations to Improve Genetic Algorithms

Annibale Panichella

Meta-heuristics have been successfully used to solve a wide variety of problems. However, one issue many techniques have is their risk of being trapped into local optima, or to create a limited variety of solutions (problem known as ``population drift''). During recent and past years, different kinds of techniques have been proposed to deal with population drift, for example hybridizing genetic algorithms with local search techniques or using niche techniques. This paper proposes a technique, based on Singular Value Decomposition (SVD), to enhance Genetic Algorithms (GAs) population diversity. SVD helps to estimate the evolution direction and drive next generations towards orthogonal dimensions. The proposed SVD-based GA has been evaluated on 11 benchmark problems and compared with a simple GA and a GA with a distance-crowding schema. Results indicate that SVD-based GA achieves significantly better solutions and exhibits a quicker convergence than the alternative techniques.

More from Annibale Panichella (20)

MIP Award presentation at the IEEE International Conference on Software Analy...

Breaking the Silence: the Threats of Using LLMs in Software Engineering

Searching for Quality: Genetic Algorithms and Metamorphic Testing for Softwar...

A Fast Multi-objective Evolutionary Approach for Designing Large-Scale Optica...

An Improved Pareto Front Modeling Algorithm for Large-scale Many-Objective Op...

VST2022.pdf

IPA Fall Days 2019

An Adaptive Evolutionary Algorithm based on Non-Euclidean Geometry for Many-O...

Speeding-up Software Testing With Computational Intelligence

Incremental Control Dependency Frontier Exploration for Many-Criteria Test C...

Sbst2018 contest2018

Java Unit Testing Tool Competition — Fifth Round

ICSE 2017 - Evocrash

Evolutionary Testing for Crash Reproduction

Parameterizing and Assembling IR-based Solutions for SE Tasks using Genetic A...

Reformulating Branch Coverage as a Many-Objective Optimization Problem

Results for EvoSuite-MOSA at the Third Unit Testing Tool Competition

Adaptive User Feedback for IR-based Traceability Recovery

Diversity mechanisms for evolutionary populations in Search-Based Software En...

Estimating the Evolution Direction of Populations to Improve Genetic Algorithms

Recently uploaded

Competition and Regulation in Professions and Occupations – OECD – June 2024 ...

OECD Directorate for Financial and Enterprise Affairs

Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...

OECD Directorate for Financial and Enterprise Affairs

This presentation by Thibault Schrepel, Associate Professor of Law at Vrije Universiteit Amsterdam University, was made during the discussion “Artificial Intelligence, Data and Competition” held at the 143rd meeting of the OECD Competition Committee on 12 June 2024. More papers and presentations on the topic can be found at oe.cd/aicomp. This presentation was uploaded with the author’s consent.

Why Psychological Safety Matters for Software Teams - ACE 2024 - Ben Linders.pdf

Ben Linders

Psychological safety in teams is important; team members must feel safe and able to communicate and collaborate effectively to deliver value. It’s also necessary to build long-lasting teams since things will happen and relationships will be strained. But, how safe is a team? How can we determine if there are any factors that make the team unsafe or have an impact on the team’s culture? In this mini-workshop, we’ll play games for psychological safety and team culture utilizing a deck of coaching cards, The Psychological Safety Cards. We will learn how to use gamification to gain a better understanding of what’s going on in teams. Individuals share what they have learned from working in teams, what has impacted the team’s safety and culture, and what has led to positive change. Different game formats will be played in groups in parallel. Examples are an ice-breaker to get people talking about psychological safety, a constellation where people take positions about aspects of psychological safety in their team or organization, and collaborative card games where people work together to create an environment that fosters psychological safety.

Carrer goals.pptx and their importance in real life

artemacademy2

Career goals serve as a roadmap for individuals, guiding them toward achieving long-term professional aspirations and personal fulfillment. Establishing clear career goals enables professionals to focus their efforts on developing specific skills, gaining relevant experience, and making strategic decisions that align with their desired career trajectory. By setting both short-term and long-term objectives, individuals can systematically track their progress, make necessary adjustments, and stay motivated. Short-term goals often include acquiring new qualifications, mastering particular competencies, or securing a specific role, while long-term goals might encompass reaching executive positions, becoming industry experts, or launching entrepreneurial ventures. Moreover, having well-defined career goals fosters a sense of purpose and direction, enhancing job satisfaction and overall productivity. It encourages continuous learning and adaptation, as professionals remain attuned to industry trends and evolving job market demands. Career goals also facilitate better time management and resource allocation, as individuals prioritize tasks and opportunities that advance their professional growth. In addition, articulating career goals can aid in networking and mentorship, as it allows individuals to communicate their aspirations clearly to potential mentors, colleagues, and employers, thereby opening doors to valuable guidance and support. Ultimately, career goals are integral to personal and professional development, driving individuals toward sustained success and fulfillment in their chosen fields.

nationalismineurope-230420140400-1c53f60e.pptx

silki0908

原版制作贝德福特大学毕业证（bedfordhire毕业证）硕士文凭原版一模一样

gpww3sf4

原版一模一样【微信：741003700 】【贝德福特大学毕业证（bedfordhire毕业证）硕士文凭】【微信：741003700 】学位证，留信认证（真实可查，永久存档）offer、雅思、外壳等材料/诚信可靠,可直接看成品样本，帮您解决无法毕业带来的各种难题！外壳，原版制作，诚信可靠，可直接看成品样本。行业标杆！精益求精，诚心合作，真诚制作！多年品质 ,按需精细制作，24小时接单,全套进口原装设备。十五年致力于帮助留学生解决难题，包您满意。本公司拥有海外各大学样板无数，能完美还原海外各大学 Bachelor Diploma degree, Master Degree Diploma 1:1完美还原海外各大学毕业材料上的工艺：水印，阴影底纹，钢印LOGO烫金烫银，LOGO烫金烫银复合重叠。文字图案浮雕、激光镭射、紫外荧光、温感、复印防伪等防伪工艺。材料咨询办理、认证咨询办理请加学历顾问Q/微741003700 留信网认证的作用: 1:该专业认证可证明留学生真实身份 2:同时对留学生所学专业登记给予评定 3:国家专业人才认证中心颁发入库证书 4:这个认证书并且可以归档倒地方 5:凡事获得留信网入网的信息将会逐步更新到个人身份内，将在公安局网内查询个人身份证信息后，同步读取人才网入库信息 6:个人职称评审加20分 7:个人信誉贷款加10分 8:在国家人才网主办的国家网络招聘大会中纳入资料，供国家高端企业选择人才

Competition and Regulation in Professions and Occupations – ROBSON – June 202...

OECD Directorate for Financial and Enterprise Affairs

This presentation by Professor Alex Robson, Deputy Chair of Australia’s Productivity Commission, was made during the discussion “Competition and Regulation in Professions and Occupations” held at the 77th meeting of the OECD Working Party No. 2 on Competition and Regulation on 10 June 2024. More papers and presentations on the topic can be found at oe.cd/crps. This presentation was uploaded with the author’s consent.

Artificial Intelligence, Data and Competition – ČORBA – June 2024 OECD discus...

OECD Directorate for Financial and Enterprise Affairs

This presentation by Juraj Čorba, Chair of OECD Working Party on Artificial Intelligence Governance (AIGO), was made during the discussion “Artificial Intelligence, Data and Competition” held at the 143rd meeting of the OECD Competition Committee on 12 June 2024. More papers and presentations on the topic can be found at oe.cd/aicomp. This presentation was uploaded with the author’s consent.

The Intersection between Competition and Data Privacy – CAPEL – June 2024 OEC...

OECD Directorate for Financial and Enterprise Affairs

This presentation by Tim Capel, Director of the UK Information Commissioner’s Office Legal Service, was made during the discussion “The Intersection between Competition and Data Privacy” held at the 143rd meeting of the OECD Competition Committee on 13 June 2024. More papers and presentations on the topic can be found at oe.cd/ibcdp. This presentation was uploaded with the author’s consent.

IEEE CIS Webinar Sustainable futures.pdf

Claudio Gallicchio

The importance of sustainable and efficient computational practices in artificial intelligence (AI) and deep learning has become increasingly critical. This webinar focuses on the intersection of sustainability and AI, highlighting the significance of energy-efficient deep learning, innovative randomization techniques in neural networks, the potential of reservoir computing, and the cutting-edge realm of neuromorphic computing. This webinar aims to connect theoretical knowledge with practical applications and provide insights into how these innovative approaches can lead to more robust, efficient, and environmentally conscious AI systems. Webinar Speaker: Prof. Claudio Gallicchio, Assistant Professor, University of Pisa Claudio Gallicchio is an Assistant Professor at the Department of Computer Science of the University of Pisa, Italy. His research involves merging concepts from Deep Learning, Dynamical Systems, and Randomized Neural Systems, and he has co-authored over 100 scientific publications on the subject. He is the founder of the IEEE CIS Task Force on Reservoir Computing, and the co-founder and chair of the IEEE Task Force on Randomization-based Neural Networks and Learning Systems. He is an associate editor of IEEE Transactions on Neural Networks and Learning Systems (TNNLS).

Artificial Intelligence, Data and Competition – LIM – June 2024 OECD discussion

OECD Directorate for Financial and Enterprise Affairs

Pro-competitive Industrial Policy – LANE – June 2024 OECD discussion

OECD Directorate for Financial and Enterprise Affairs

怎么办理(lincoln学位证书)英国林肯大学毕业证文凭学位证书原版一模一样

kekzed

原版定制【微信:bwp0011】《(lincoln学位证书)英国林肯大学毕业证文凭学位证书》【微信:bwp0011】成绩单、雅思、外壳、留信学历认证永久存档查询，采用学校原版纸张、特殊工艺完全按照原版一比一制作（包括：隐形水印，阴影底纹，钢印LOGO烫金烫银，LOGO烫金烫银复合重叠，文字图案浮雕，激光镭射，紫外荧光，温感，复印防伪）行业标杆！精益求精，诚心合作，真诚制作！多年品质 ,按需精细制作，24小时接单,全套进口原装设备，十五年致力于帮助留学生解决难题，业务范围有加拿大、英国、澳洲、韩国、美国、新加坡，新西兰等学历材料，包您满意。【业务选择办理准则】一、工作未确定，回国需先给父母、亲戚朋友看下文凭的情况，办理一份就读学校的毕业证【微信bwp0011】文凭即可二、回国进私企、外企、自己做生意的情况，这些单位是不查询毕业证真伪的，而且国内没有渠道去查询国外文凭的真假，也不需要提供真实教育部认证。鉴于此，办理一份毕业证【微信bwp0011】即可三、进国企，银行，事业单位，考公务员等等，这些单位是必需要提供真实教育部认证的，办理教育部认证所需资料众多且烦琐，所有材料您都必须提供原件，我们凭借丰富的经验，快捷的绿色通道帮您快速整合材料，让您少走弯路。留信网认证的作用: 1:该专业认证可证明留学生真实身份 2:同时对留学生所学专业登记给予评定 3:国家专业人才认证中心颁发入库证书 4:这个认证书并且可以归档倒地方 5:凡事获得留信网入网的信息将会逐步更新到个人身份内，将在公安局网内查询个人身份证信息后，同步读取人才网入库信息 6:个人职称评审加20分 7:个人信誉贷款加10分 8:在国家人才网主办的国家网络招聘大会中纳入资料，供国家高端企业选择人才【关于价格问题（保证一手价格）】我们所定的价格是非常合理的，而且我们现在做得单子大多数都是代理和回头客户介绍的所以一般现在有新的单子我给客户的都是第一手的代理价格，因为我想坦诚对待大家不想跟大家在价格方面浪费时间对于老客户或者被老客户介绍过来的朋友，我们都会适当给一些优惠。

The Intersection between Competition and Data Privacy – OECD – June 2024 OECD...

OECD Directorate for Financial and Enterprise Affairs

BRIC_2024_2024-06-06-11:30-haunschild_archival_version.pdf

Robin Haunschild

Artificial Intelligence, Data and Competition – OECD – June 2024 OECD discussion

OECD Directorate for Financial and Enterprise Affairs

The Intersection between Competition and Data Privacy – KEMP – June 2024 OECD...

OECD Directorate for Financial and Enterprise Affairs

This presentation by Katharine Kemp, Associate Professor at the Faculty of Law & Justice at UNSW Sydney, was made during the discussion “The Intersection between Competition and Data Privacy” held at the 143rd meeting of the OECD Competition Committee on 13 June 2024. More papers and presentations on the topic can be found at oe.cd/ibcdp. This presentation was uploaded with the author’s consent.

Proposal: The Ark Project and The BEEP Inc

Raheem Muhammad

1.) Introduction Our Movement is not new; it is the same as it was for Freedom, Justice, and Equality since we were labeled as slaves. However, this movement at its core must entail economics. 2.) Historical Context This is the same movement because none of the previous movements, such as boycotts, were ever completed. For some, maybe, but for the most part, it’s just a place to keep your stable until you’re ready to assimilate them into your system. The rest of the crabs are left in the world’s worst parts, begging for scraps. 3.) Economic Empowerment Our Movement aims to show that it is indeed possible for the less fortunate to establish their economic system. Everyone else – Caucasian, Asian, Mexican, Israeli, Jews, etc. – has their systems, and they all set up and usurp money from the less fortunate. So, the less fortunate buy from every one of them, yet none of them buy from the less fortunate. Moreover, the less fortunate really don’t have anything to sell. 4.) Collaboration with Organizations Our Movement will demonstrate how organizations such as the National Association for the Advancement of Colored People, National Urban League, Black Lives Matter, and others can assist in creating a much more indestructible Black Wall Street. 5.) Vision for the Future Our Movement will not settle for less than those who came before us and stopped before the rights were equal. The economy, jobs, healthcare, education, housing, incarceration – everything is unfair, and what isn’t is rigged for the less fortunate to fail, as evidenced in society. 6.) Call to Action Our movement has started and implemented everything needed for the advancement of the economic system. There are positions for only those who understand the importance of this movement, as failure to address it will continue the degradation of the people deemed less fortunate. No, this isn’t Noah’s Ark, nor am I a Prophet. I’m just a man who wrote a couple of books, created a magnificent website: http://www.thearkproject.llc, and who truly hopes to try and initiate a truly sustainable economic system for deprived people. We may not all have the same beliefs, but if our methods are tried, tested, and proven, we can come together and help others. My website: http://www.thearkproject.llc is very informative and considerably controversial. Please check it out, and if you are afraid, leave immediately; it’s no place for cowards. The last Prophet said: “Whoever among you sees an evil action, then let him change it with his hand [by taking action]; if he cannot, then with his tongue [by speaking out]; and if he cannot, then, with his heart – and that is the weakest of faith.” [Sahih Muslim] If we all, or even some of us, did this, there would be significant change. We are able to witness it on small and grand scales, for example, from climate control to business partnerships. I encourage, invite, and challenge you all to support me by visiting my website.

Using-Presentation-Software-to-the-Fullf.pptx

kainatfatyma9

Disaster Management project for holidays homework and other uses

RIDHIMAGARG21

Recently uploaded (20)

Competition and Regulation in Professions and Occupations – OECD – June 2024 ...

Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...

Why Psychological Safety Matters for Software Teams - ACE 2024 - Ben Linders.pdf

Carrer goals.pptx and their importance in real life

nationalismineurope-230420140400-1c53f60e.pptx

原版制作贝德福特大学毕业证（bedfordhire毕业证）硕士文凭原版一模一样

Competition and Regulation in Professions and Occupations – ROBSON – June 202...

Artificial Intelligence, Data and Competition – ČORBA – June 2024 OECD discus...

The Intersection between Competition and Data Privacy – CAPEL – June 2024 OEC...

IEEE CIS Webinar Sustainable futures.pdf

Artificial Intelligence, Data and Competition – LIM – June 2024 OECD discussion

Pro-competitive Industrial Policy – LANE – June 2024 OECD discussion

怎么办理(lincoln学位证书)英国林肯大学毕业证文凭学位证书原版一模一样

The Intersection between Competition and Data Privacy – OECD – June 2024 OECD...

BRIC_2024_2024-06-06-11:30-haunschild_archival_version.pdf

Artificial Intelligence, Data and Competition – OECD – June 2024 OECD discussion

The Intersection between Competition and Data Privacy – KEMP – June 2024 OECD...

Proposal: The Ark Project and The BEEP Inc

Using-Presentation-Software-to-the-Fullf.pptx

Disaster Management project for holidays homework and other uses

Security Threat Identification and Testing

1. Roberto Carbone, Security & Trust, FBK Luca Compagna, SAP France Lab Annibale Panichella, Delft University of Technology Serena Elisa Ponta, SAP France Lab   Security Threat Identiﬁcation and Testing

2. • Automated security analysis techniques can systematically explore and test the behaviour of the system running in a hostile environment. • Informal specification ! Formal specification • Formal verification ! Test Case Generation • Formal specification ! Real Implementation Goal: Bring them to the market! Motivation and Goals

3. Formal Veriﬁcation Formal Model + Security Property Attack Not Found Model Checker Attack Found Test Execution Engine Adapter Test Case

4. Formal Veriﬁcation Formal Model + Security Property Attack Not Found Model Checker Attack Found Test Execution Engine Adapter Test Case Formal Model vs. Informal Model

5. Formal Models: ASLan++ ASLan++ Sequence Diagram • Easy to understand • Few details • Not useful for formal analysis • Input of the model checker (SATMC) • Many details • More complex to write

6. STIATE toolkit: Architecture Front-end: add-in for Enterprise Modelling Tools (Power Designer). Sequence Diagram (Informal Model) Security Annotations (XMI files) SATMC: model checker for the formal analysis XMI Translator: converts XMI files in formal Models (ASLan) Test Case Execution Mutation: mutation testing for formal models

7. Scenario: SAML-SSO SAML 2.0 Web Browser Single Sign-On Proﬁle: - SAML-based SSO for Google App - Novell Access Manager - SimpleSAMLphp by UNINETT

8. Scenario: SAML-SSO SAML 2.0 Web Browser Single Sign-On Proﬁle: - SAML-based SSO for Google App - Novell Access Manager - SimpleSAMLphp by UNINETT Vulnerabilities due to wrong design choice A. Armando, R. Carbone, L. Compagna, “LTL Model Chencking for Security Protocols” Computer Security Foundation , 2007 Design vs. Implementation A. Armando, R. Carbone, L. Compagna, J. Cueller, F. Pellegrino, , “An authentication ﬂaw in browser-based Single Sign-On protocols: Impact and remediations” Computer & Security, 2013

9. STIATE toolkit: Front-end DEMO…

10. • SATMC reduces the security problem to propositional satisfiability problem (SAT) • Why SAT? Dramatic speed-up of SAT solvers: problems with thousands of variables are now solved routinely in milliseconds. STIATE toolkit: SATMC Satisfiable formula Unsatisfiable formula

11. STIATE toolkit: SATMC DEMO…

12. STIATE toolkit: SATMC ASLan++ v. 1ASLan++ v. 0 SATMC SATMC Attack Not Found Attack Found

13. STIATE toolkit: SATMC ASLan++ v. 1 SATMC Attack Found Vulnerabilities due to wrong design choice A. Armando, R. Carbone, L. Compagna, “LTL Model Chencking for Security Protocols” Computer Security Foundation , 2007

14. STIATE toolkit: SATMC ASLan++ v. 0 SATMC Attack Not Found Let us to suppose that the model checker does not found any attack trace, i.e., the model is secure Can we guarantee that its implementation is still secure?

15. Speciﬁcation vs. Implementation Specification Real Implementation The implementation may deviate from the specification. Thus, even if the theoretical specification is secure, its corresponding implementation may be not secure because of implementation mistakes.

16. Speciﬁcation vs. Implementation There are many widespread and critical errors that can lead to serious vulnerabilities in software. A classification of the top most common errors can be found in http://cwe.mitre.org/top25/index.html#Listing

17. STIATE toolkit: Mutation Injecting vulnerabilities in the model to see if such vulnerabilities could lead to an attack that violates one security properties. Mutating the ASLan++ specification by injecting vulnerabilities that mirror common implementation flaws.

18. STIATE toolkit: Mutation DEMO…

19. STIATE toolkit: MutationSTIATE toolkit: Mutation Original Model

20. STIATE toolkit: MutationSTIATE toolkit: Mutation Original Model Mutated Model

21. STIATE toolkit: Mutation Mutated Model SATMC Attack Found Design vs. Implementation A. Armando, R. Carbone, L. Compagna, J. Cueller, F. Pellegrino, , “An authentication ﬂaw in browser-based Single Sign-On protocols: Impact and remediations” Computer & Security, 2013

22. Summary

23. Summary

24. Summary

25. Summary

26. Summary

27. Summary