References of "Briand, Lionel 50001049"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailTesting the Untestable: Model Testing of Complex Software-Intensive Systems
Briand, Lionel UL; Nejati, Shiva UL; Sabetzadeh, Mehrdad UL et al

in Proceedings of the 38th International Conference on Software Engineering (ICSE 2016) Companion (2016, May)

Detailed reference viewed: 560 (50 UL)
Full Text
See detailGemRBAC-DSL: a High-level Specification Language for Role-based Access Control Policies
Ben Fadhel, Ameni UL; Bianculli, Domenico UL; Briand, Lionel UL

Report (2016)

A role-based access control (RBAC) policy restricts a user to perform operations based on her role within an organization. Several RBAC models have been proposed to represent different types of RBAC ... [more ▼]

A role-based access control (RBAC) policy restricts a user to perform operations based on her role within an organization. Several RBAC models have been proposed to represent different types of RBAC policies. However, the expressiveness of these models has not been matched by specification languages for RBAC policies. Indeed, existing policy specification languages do not support all the types of RBAC policies defined in the literature. In this paper we aim to bridge the gap between highly-expressive RBAC models and policy specification languages, by presenting GemRBAC-DSL, a new specification language designed on top of an existing, generalized conceptual model for RBAC. The language sports a syntax close to natural language, to encourage its adoption among practitioners. We also define semantic checks to detect conflicts and inconsistencies among the policies written in a GemRBAC-DSL specification. We show how the semantics of GemRBAC-DSL can be expressed in terms of an existing formalization of RBAC policies as OCL (Object Constraint Language) constraints on the corresponding RBAC conceptual model. This formalization paves the way to define a model-driven approach for the enforcement of policies written in GemRBAC-DSL. [less ▲]

Detailed reference viewed: 162 (22 UL)
Full Text
Peer Reviewed
See detailClustering Deviations for Black Box Regression Testing of Database Applications
Rogstad, Erik; Briand, Lionel UL

in IEEE Transactions on Reliability (2016), 65(1), 4-18

Detailed reference viewed: 198 (41 UL)
Full Text
Peer Reviewed
See detailA model-driven approach to representing and checking RBAC contextual policies.
Ben Fadhel, Ameni UL; Bianculli, Domenico UL; Briand, Lionel UL et al

in Proceedings of the 6th ACM Conference on Data and Application Security and Privacy (CODASPY 2016) (2016, March)

Detailed reference viewed: 264 (30 UL)
Full Text
Peer Reviewed
See detailAutomated Classification of Legal Cross References Based on Semantic Intent
Sannier, Nicolas UL; Adedjouma, Morayo; Sabetzadeh, Mehrdad UL et al

in 22nd International Working Conference on Requirements Engineering: Foundation for Software Quality (REFSQ'16) (2016, March)

Detailed reference viewed: 259 (43 UL)
Full Text
See detailAutomated Testing of Web Application Firewalls
Appelt, Dennis UL; Nguyen, Duy Cu UL; Briand, Lionel UL

Report (2016)

Web application firewalls (WAF) are an indispensable mechanism to protect online systems from attacks. However, the fast pace at which new kinds of attacks appear and their increasing sophistication ... [more ▼]

Web application firewalls (WAF) are an indispensable mechanism to protect online systems from attacks. However, the fast pace at which new kinds of attacks appear and their increasing sophistication require WAFs to be updated and tested regularly as otherwise they will be circumvented. In this paper, we focus our research on WAFs and SQL injection attacks, but the general principles and strategy could be adapted to other contexts. We present a machine learning-driven testing approach to automatically detect holes in WAFs that let SQL injection attacks bypass them. At the beginning, the approach can automatically generate diverse attacks (tests) and then submit them to a system that is protected by a WAF. Incrementally learning from the tests that are blocked or accepted by the WAF, our approach can then select tests that exhibit characteristics associated with bypassing the WAF and mutate them to efficiently generate new bypassing attacks. In the race against cyberattacks, time is vital. Being able to learn and anticipate more attacks that can circumvent a WAF in a timely manner is very important in order to quickly fix or fine-tune protection rules. We developed a tool that implements the approach and evaluated it on ModSecurity, a widely used WAF, and a proprietary WAF that protects a financial institution. Evaluation results indicate that our proposed technique is efficient at generating SQL injection attacks that can bypass a WAF and can be used to identify successful attack patterns. [less ▲]

Detailed reference viewed: 584 (28 UL)
Full Text
Peer Reviewed
See detailAutomated Change Impact Analysis between SysML Models of Requirements and Design
Nejati, Shiva UL; Sabetzadeh, Mehrdad UL; Arora, Chetan UL et al

in 24th ACM SIGSOFT International Symposium on the Foundations of Software Engineering, Seattle 13-18 November 2016 (2016)

An important activity in systems engineering is analyzing how a change in requirements will impact the design of a system. Performing this analysis manually is expensive, particularly for complex systems ... [more ▼]

An important activity in systems engineering is analyzing how a change in requirements will impact the design of a system. Performing this analysis manually is expensive, particularly for complex systems. In this paper, we propose an approach to automatically identify the impact of requirements changes on system design, when the requirements and design elements are expressed using models. We ground our approach on the Systems Modeling Language (SysML) due to SysML’s increasing use in industrial applications. Our approach has two steps: For a given change, we first apply a static slicing algorithm to extract an estimated set of impacted model elements. Next, we rank the elements of the resulting set according to a quantitative measure designed to predict how likely it is for each element to be impacted. The measure is computed using Natural Language Processing (NLP) applied to the textual content of the elements. Engineers can then inspect the ranked list of elements and identify those that are actually impacted. We evaluate our approach on an industrial case study with 16 real-world requirements changes. Our results suggest that, using our approach, engineers need to inspect on average only 4.8% of the entire design in order to identify the actually-impacted elements. We further show that our results consistently improve when our analysis takes into account both structural and behavioral diagrams rather than only structural ones, and the natural-language content of the diagrams in addition to only their structural and behavioral content. [less ▲]

Detailed reference viewed: 266 (30 UL)
Full Text
Peer Reviewed
See detailModel-Based Simulation of Legal Requirements: Experience from Tax Policy Simulation
Soltana, Ghanem UL; Sabetzadeh, Mehrdad UL; Briand, Lionel UL

in 24th IEEE International Conference on Requirements Engineering (RE'16) (2016)

Using models for expressing legal requirements is now commonplace in Requirements Engineering. Models of legal requirements, on the one hand, facilitate communication between software engineers and legal ... [more ▼]

Using models for expressing legal requirements is now commonplace in Requirements Engineering. Models of legal requirements, on the one hand, facilitate communication between software engineers and legal experts, and on the other hand, provide a basis for systematic and automated analysis. The most prevalent application of legal requirements models is for checking the compliance of software systems with laws and regulations. In this experience paper, we explore a complementary application of legal requirements models, namely simulation. We observe that, in domains such as taxation, the same models that underlie legal compliance analysis bring important added value by enabling simulation. Concretely, this paper reports on the model-based simulation of selected legal requirements (policies) derived from Luxembourg’s Income Tax Law. The simulation scenario considered in the paper is aimed at analyzing the impact of a current tax law reform proposal in Luxembourg. We describe our approach for simulation along with empirical results demonstrating the feasibility and accuracy of the approach. We further present lessons learned from the experience. [less ▲]

Detailed reference viewed: 169 (22 UL)
Full Text
Peer Reviewed
See detailSimCoTest: A Test Suite Generation Tool for Simulink/Stateflow Controllers
Matinnejad, Reza UL; Nejati, Shiva UL; Briand, Lionel UL et al

in Proceedings of the 38th International Conference on Software Engineering (2016)

Detailed reference viewed: 225 (26 UL)
Full Text
Peer Reviewed
See detailAutomated Test Suite Generation for Time-Continuous Simulink Models
Matinnejad, Reza UL; Nejati, Shiva UL; Briand, Lionel UL et al

in Proceedings of the 38th International Conference on Software Engineering (2016)

All engineering disciplines are founded and rely on models, al- though they may differ on purposes and usages of modeling. Inter- disciplinary domains such as Cyber Physical Systems (CPSs) seek approaches ... [more ▼]

All engineering disciplines are founded and rely on models, al- though they may differ on purposes and usages of modeling. Inter- disciplinary domains such as Cyber Physical Systems (CPSs) seek approaches that incorporate different modeling needs and usages. Specifically, the Simulink modeling platform greatly appeals to CPS engineers due to its seamless support for simulation and code generation. In this paper, we propose a test generation approach that is applicable to Simulink models built for both purposes of simulation and code generation. We define test inputs and outputs as signals that capture evolution of values over time. Our test gener- ation approach is implemented as a meta-heuristic search algorithm and is guided to produce test outputs with diverse shapes according to our proposed notion of diversity. Our evaluation, performed on industrial and public domain models, demonstrates that: (1) In con- trast to the existing tools for testing Simulink models that are only applicable to a subset of code generation models, our approach is applicable to both code generation and simulation Simulink mod- els. (2) Our new notion of diversity for output signals outperforms random baseline testing and an existing notion of signal diversity in revealing faults in Simulink models. (3) The fault revealing ability of our test generation approach outperforms that of the Simulink Design Verifier, the only testing toolbox for Simulink. [less ▲]

Detailed reference viewed: 297 (34 UL)
Full Text
Peer Reviewed
See detailTesting Advanced Driver Assistance Systems using Multi-objective Search and Neural Networks
Ben Abdessalem (helali), Raja UL; Nejati, Shiva UL; Briand, Lionel UL et al

in International Conference on Automated Software Engineering (ASE 2016) (2016)

Recent years have seen a proliferation of complex Advanced Driver Assistance Systems (ADAS), in particular, for use in autonomous cars. These systems consist of sensors and cameras as well as image ... [more ▼]

Recent years have seen a proliferation of complex Advanced Driver Assistance Systems (ADAS), in particular, for use in autonomous cars. These systems consist of sensors and cameras as well as image processing and decision support software components. They are meant to help drivers by providing proper warnings or by preventing dangerous situations. In this paper, we focus on the problem of design time testing of ADAS in a simulated environment. We provide a testing approach for ADAS by combining multi- objective search with surrogate models developed based on neural networks. We use multi-objective search to guide testing towards the most critical behaviors of ADAS. Surrogate modeling enables our testing approach to explore a larger part of the input search space within limited computational resources. We characterize the condition under which the multi-objective search algorithm behaves the same with and without surrogate modeling, thus showing the accuracy of our approach. We evaluate our approach by applying it to an industrial ADAS system. Our experiment shows that our approach automatically identifies test cases indicating critical ADAS behaviors. Further, we show that combining our search algorithm with surrogate modeling improves the quality of the generated test cases, especially under tight and realistic computational resources. [less ▲]

Detailed reference viewed: 534 (128 UL)
Full Text
Peer Reviewed
See detailLocalizing Multiple Faults in Simulink Models.
Liu, Bing UL; Lucia, Lucia UL; Nejati, Shiva UL et al

in 23rd IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER 2016) (2016)

As Simulink is a widely used language in the embedded industry, there is a growing need to support debugging activities for Simulink models. In this work, we propose an approach to localize multiple ... [more ▼]

As Simulink is a widely used language in the embedded industry, there is a growing need to support debugging activities for Simulink models. In this work, we propose an approach to localize multiple faults in Simulink models. Our approach builds on statistical debugging and is iterative. At each iteration, we identify and resolve one fault and re-test models to focus on localizing faults that might have been masked before. We use decision trees to cluster together failures that satisfy similar (logical) conditions on model blocks or inputs. We then present two alternative selection criteria to choose a cluster that is more likely to yield the best fault localization results among the clusters produced by our decision trees. Engineers are expected to inspect the ranked list obtained from the selected cluster to identify faults. We evaluate our approach on 240 multi-fault models obtained from three different industrial subjects. We compare our approach with two baselines: (1) Statistical debugging without clustering, and (2) State-of-the-art clustering-based statistical debugging. Our results show that our approach significantly reduces the number of blocks that engineers need to inspect in order to localize all faults, when compared with the two baselines. Furthermore, with our approach, there is less performance degradation than in the baselines when increasing the number of faults in the underlying models. [less ▲]

Detailed reference viewed: 297 (41 UL)
Full Text
Peer Reviewed
See detailSOFIA: An Automated Security Oracle for Black-Box Testing of SQL-Injection Vulnerabilities
Ceccato, Mariano; Nguyen, Duy Cu UL; Appelt, Dennis UL et al

in Proceedings of the 31th IEEE/ACM International Conference on Automated Software Engineering (2016)

Security testing is a pivotal activity in engineering secure software. It consists of two phases: generating attack inputs to test the system, and assessing whether test executions expose any ... [more ▼]

Security testing is a pivotal activity in engineering secure software. It consists of two phases: generating attack inputs to test the system, and assessing whether test executions expose any vulnerabilities. The latter phase is known as the security oracle problem. In this work, we present SOFIA, a Security Oracle for SQL-Injection Vulnerabilities. SOFIA is programming-language and source-code independent, and can be used with various attack generation tools. Moreover, because it does not rely on known attacks for learning, SOFIA is meant to also detect types of \sqli attacks that might be unknown at learning time. The oracle challenge is recast as a one-class classification problem where we learn to characterise legitimate SQL statements to accurately distinguish them from \sqli attack statements. We have carried out an experimental validation on six applications, among which two are large and widely-used. SOFIA was used to detect real \sqli vulnerabilities with inputs generated by three attack generation tools. The obtained results show that SOFIA is computationally fast and achieves a recall rate of 100\% (i.e., missing no attacks) with a low false positive rate (0.6\%). [less ▲]

Detailed reference viewed: 210 (26 UL)
Full Text
Peer Reviewed
See detailCost-effective Strategies for the Regression Testing of Database Applications: Case study and Lessons Learned
Rogstad, Erik; Briand, Lionel UL

in Journal of Systems and Software (2016), 113

Detailed reference viewed: 141 (27 UL)
Full Text
Peer Reviewed
See detailCombining Genetic Algorithms and Constraint Programming to Support Stress Testing of Task Deadlines
DI ALESIO, Stefano; Briand, Lionel UL; Nejati, Shiva UL et al

in ACM Transactions on Software Engineering & Methodology (2015), 25(1),

Tasks in Real Time Embedded Systems (RTES) are often subject to hard deadlines, that constrain how quickly the system must react to external inputs. These inputs and their timing vary in a large domain ... [more ▼]

Tasks in Real Time Embedded Systems (RTES) are often subject to hard deadlines, that constrain how quickly the system must react to external inputs. These inputs and their timing vary in a large domain depending on the environment state, and can never be fully predicted prior to system execution. Therefore, approaches for stress testing must be developed to uncover possible deadline misses of tasks for different input arrival times. In this paper, we describe stress test case generation as a search problem over the space of task arrival times. Specifically, we search for worst case scenarios maximizing deadline misses where each scenario characterizes a test case. In order to scale our search to large industrial-size problems, we combine two state-of-the-art search strategies, namely Genetic Algorithms (GA) and Constraint Programming (CP). Our experimental results show that, in comparison with GA and CP in isolation, GA+CP achieves nearly the same effectiveness as CP and the same efficiency and solution diversity as GA, thus combining the advantages of the two strategies. In light of these results, we conclude that a combined GA+CP approach to stress testing is more likely to scale to large and complex systems. [less ▲]

Detailed reference viewed: 430 (48 UL)
Full Text
Peer Reviewed
See detailEvolutionary Robustness Testing of Data Processing Systems using Models and Data Mutation
Di Nardo, Daniel UL; Pastore, Fabrizio UL; Arcuri, Andrea UL et al

in Proceedings of the 30th IEEE/ACM International Conference on Automated Software Engineering (2015, November)

System level testing of industrial data processing software poses several challenges. Input data can be very large, even in the order of gigabytes, and with complex constraints that define when an input ... [more ▼]

System level testing of industrial data processing software poses several challenges. Input data can be very large, even in the order of gigabytes, and with complex constraints that define when an input is valid. Generating the right input data to stress the system for robustness properties (e.g. to test how faulty data is handled) is hence very complex, tedious and error prone when done manually. Unfortunately, this is the current practice in industry. In previous work, we defined a methodology to model the structure and the constraints of input data by using UML class diagrams and OCL constraints. Tests were automatically derived to cover predefined fault types in a fault model. In this paper, to obtain more effective system level test cases, we developed a novel search-based test generation tool. Experiments on a real-world, large industrial data processing system show that our automated approach can not only achieve better code coverage, but also accomplishes this using significantly smaller test suites. [less ▲]

Detailed reference viewed: 291 (32 UL)
Full Text
Peer Reviewed
See detailApplying Product Line Use Case Modeling in an Industrial Automotive Embedded System: Lessons Learned and a Refined Approach
Hajri, Ines UL; Göknil, Arda UL; Briand, Lionel UL et al

in 2015 ACM/IEEE 18th International Conference on Model Driven Engineering Languages and Systems (MODELS), September 30 - October 2, 2015, Ottawa, ON, Canada (2015, October 03)

In this paper, we propose, apply, and assess Product line Use case modeling Method (PUM), an approach that supports modeling variability at different levels of granularity in use cases and domain models ... [more ▼]

In this paper, we propose, apply, and assess Product line Use case modeling Method (PUM), an approach that supports modeling variability at different levels of granularity in use cases and domain models. Our motivation is that, in many software development environments, use case modeling drives interactions among stakeholders and, therefore, use cases and domain models are common practice for requirements elicitation and analysis. In PUM, we integrate and adapt existing product line extensions for use cases and introduce some template extensions for use case specifications. Variability is captured in use case diagrams while it is reflected at a greater level of detail in use case specifications. Variability in domain concepts is captured in domain models. PUM is supported by a tool relying on Natural Language Processing (NLP). We successfully applied PUM to an industrial automotive embedded system and report lessons learned and results from structured interviews with experienced engineers. [less ▲]

Detailed reference viewed: 285 (99 UL)
Full Text
Peer Reviewed
See detailNARCIA: An Automated Tool for Change Impact Analysis in Natural Language Requirements
Arora, Chetan UL; Sabetzadeh, Mehrdad UL; Göknil, Arda UL et al

in 10th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering, Bergamo 30 August - 4 September 2015 (2015, September)

We present NARCIA, a tool for analyzing the impact of change in natural language requirements. For a given change in a requirements document, NARCIA calculates quantitative scores suggesting how likely ... [more ▼]

We present NARCIA, a tool for analyzing the impact of change in natural language requirements. For a given change in a requirements document, NARCIA calculates quantitative scores suggesting how likely each requirements statement in the document is to be impacted. These scores, computed using Natural Language Processing (NLP), are used for sorting the requirements statements, enabling the user to focus on statements that are most likely to be impacted. To increase the accuracy of change impact analysis, NARCIA provides a mechanism for making explicit the rationale behind changes. NARCIA has been empirically evaluated on two industrial case studies. The results of this evaluation are briefly highlighted. [less ▲]

Detailed reference viewed: 239 (32 UL)
Full Text
Peer Reviewed
See detailUMTG: A Toolset to Automatically Generate System Test Cases from Use Case Specifications
Wang, Chunhui UL; Pastore, Fabrizio UL; Göknil, Arda UL et al

in 10th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering, Bergamo 30 August - 4 September 2015 (2015, September)

We present UMTG, a toolset for automatically generating executable and traceable system test cases from use case specifications. UMTG employs Natural Language Processing (NLP), a restricted form of use ... [more ▼]

We present UMTG, a toolset for automatically generating executable and traceable system test cases from use case specifications. UMTG employs Natural Language Processing (NLP), a restricted form of use case specifications, and constraint solving. Use cases are expected to follow a template with restriction rules that reduce imprecision and enable NLP. NLP is used to capture the control flow implicitly described in use case specifications. Finally, to generate test input, constraint solving is applied to OCL constraints referring to the domain model of the system. UMTG is integrated with two tools that are widely adopted in industry, IBM Doors and Rhapsody. UMTG has been successfully evaluated on an industrial case study. [less ▲]

Detailed reference viewed: 316 (44 UL)
Full Text
Peer Reviewed
See detailKnown XML Vulnerabilities Are Still a Threat to Popular Parsers and Open Source Systems
Jan, Sadeeq UL; Nguyen, Duy Cu UL; Briand, Lionel UL

in The 2015 IEEE International Conference on Software Quality, Reliability & Security, Vancouver 3-5 August 2015 (2015, August 03)

The Extensible Markup Language (XML) is extensively used in software systems and services. Various XML-based attacks, which may result in sensitive information leakage or denial of services, have been ... [more ▼]

The Extensible Markup Language (XML) is extensively used in software systems and services. Various XML-based attacks, which may result in sensitive information leakage or denial of services, have been discovered and published. However, due to development time pressures and limited security expertise, such attacks are often overlooked in practice. In this paper, following a rigorous and extensive experimental process, we study the presence of two types of XML-based attacks: BIL and XXE in 13 popular XML parsers. Furthermore, we investigate whether open-source systems that adopt a vulnerable XML parser apply any mitigation to prevent such attacks. Our objective is to provide clear and solid scientific evidence about the extent of the threat associated with such XML-based attacks and to discuss the implications of the obtained results. Our conclusion is that most of the studied parsers are vulnerable and so are systems that use them. Such strong evidence can be used to raise awareness among software developers and is a strong motivation for developers to provide security measures to thwart BIL and XXE attacks before deployment when adopting existing XML parsers. [less ▲]

Detailed reference viewed: 188 (23 UL)