Test Case Design Of Security Threats Through State Machine OCL

Abstract

Software testing is one activity for Software Quality Assurance (SQA). One way to test is through Black box test cases at design level. Since UML is a de-facto design language and is one of the most used design language now a day. Therefore, there is need to design black box test cases using UML behavioral diagrams. Object Constraint Language (OCL) is a formal language to write constraints on UML diagrams as it is unambiguous. Although test cases against robustness have been designed through OCL expressions but no test cases as yet have been designed against security specific authentication, access control and availability. Specification and testing of security specific authentication, access Control and availability through OCL. An experiment is performed with a hypothesis ‘if Security Specific Authentication, Access Control and Availability is specified through OCL in state diagram then Test cases can be designed’. We have specifiedsecurity in OCL then same OCL expressions are used to model security in UML state diagram. Furthermore, mutation testing is performed on OCL expressions. Then ECP is done using same extracted mutants. Security specific authentication, access control and availability is specified in OCL and then test cases are designed using a black box testing technique Equivalence Class Partitioning. Hypothesis results shows that one can design test cases through OCL. This thesis shows that Specification and Testing of Security specific authentication, access control and availability through OCL.