References of "Briand, Lionel 50001049"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailAutomated Testing of Hybrid Simulink/Stateflow Controllers: Industrial Case Studies
Matinnejad, Reza UL; Nejati, Shiva UL; Briand, Lionel UL

in Proceedings of 11TH JOINT MEETING OF THE EUROPEAN SOFTWARE ENGINEERING CONFERENCE AND THE ACM SIGSOFT SYMPOSIUM ON THE FOUNDATIONS OF SOFTWARE ENGINEERING (ESEC/FSE 2017) (2017)

We present the results of applying our approach for testing Simulink controllers to one public and one proprietary model, both industrial. Our approach combines explorative and exploitative search ... [more ▼]

We present the results of applying our approach for testing Simulink controllers to one public and one proprietary model, both industrial. Our approach combines explorative and exploitative search algorithms to visualize the controller behavior over its input space and to identify test scenarios in the controller input space that violate or are likely to violate the controller requirements. The engineers' feedback shows that our approach is easy to use in practice and gives them confidence about the behavior of their models. [less ▲]

Detailed reference viewed: 383 (39 UL)
Full Text
Peer Reviewed
See detailA Search-based Testing Approach for XML Injection Vulnerabilities in Web Applications
Jan, Sadeeq UL; Nguyen, Duy Cu UL; Andrea, Arcuri UL et al

in 10th IEEE International Conference on Software Testing, Verification and validation (ICST 2017), Tokyo 13-18 March 2017 (2017)

In most cases, web applications communicate with web services (SOAP and RESTful). The former act as a front-end to the latter, which contain the business logic. A hacker might not have direct access to ... [more ▼]

In most cases, web applications communicate with web services (SOAP and RESTful). The former act as a front-end to the latter, which contain the business logic. A hacker might not have direct access to those web services (e.g., they are not on public networks), but can still provide malicious inputs to the web application, thus potentially compromising related services. Typical examples are XML injection attacks that target SOAP communications. In this paper, we present a novel, search-based approach used to generate test data for a web application in an attempt to deliver malicious XML messages to web services. <br />Our goal is thus to detect XML injection vulnerabilities in web applications. The proposed approach is evaluated on two studies, including an industrial web application with millions of users. Results show that we are able to effectively generate test data (e.g., input values in an HTML form) that detect such vulnerabilities. [less ▲]

Detailed reference viewed: 395 (39 UL)
Full Text
Peer Reviewed
See detailAn Automated Framework for Detection and Resolution of Cross References in Legal Texts
Sannier, Nicolas UL; Adedjouma, Morayo; Sabetzadeh, Mehrdad UL et al

in Requirements Engineering (2017), 22(2), 215-237

When identifying and elaborating compliance requirements, analysts need to follow the cross references in legal texts and consider the additional information in the cited provisions. Enabling easier ... [more ▼]

When identifying and elaborating compliance requirements, analysts need to follow the cross references in legal texts and consider the additional information in the cited provisions. Enabling easier navigation and handling of cross references requires automated support for the detection of the natural language expressions used in cross references, the interpretation of cross references in their context, and the linkage of cross references to the targeted provisions. In this article, we propose an approach and tool sup- port for automated detection and resolution of cross references. The approach leverages the structure of legal texts, formalized into a schema, and a set of natural language patterns for legal cross reference expressions. These patterns were developed based on an investigation of Luxembourg’s legislation, written in French. To build confidence about their applicability beyond the context where they were observed, these patterns were validated against the Personal Health Information Protection Act (PHIPA) by the Government of Ontario, Canada, written in both French and English. We report on an empirical evaluation where we assess the accuracy and scalability of our framework over several Luxembourgish legislative texts as well as PHIPA. [less ▲]

Detailed reference viewed: 443 (70 UL)
Full Text
Peer Reviewed
See detailPUMConf: A Tool to Configure Product Specific Use Case and Domain Models in a Product Line
Hajri, Ines UL; Göknil, Arda UL; Briand, Lionel UL et al

in 24th ACM SIGSOFT International Symposium on the Foundations of Software Engineering (2016, November)

We present PUMConf, a tool for supporting configuration that currently focuses on requirements and enables effective product line management in the context of use case-driven development. By design, it ... [more ▼]

We present PUMConf, a tool for supporting configuration that currently focuses on requirements and enables effective product line management in the context of use case-driven development. By design, it relies exclusively on variability modeling for artifacts that are commonly used in such contexts (i.e., use case diagram, specifications and domain model). For given Product Line (PL) use case and domain models, PUMConf checks the consistency of the models, interactively receives configuration decisions from analysts, automatically checks decision consistency, and generates Product Specific (PS) use case and domain models from the PL models and decisions. It has been evaluated on an industrial case study in the automotive domain. [less ▲]

Detailed reference viewed: 304 (96 UL)
Full Text
Peer Reviewed
See detailExtracting Domain Models from Natural-Language Requirements: Approach and Industrial Evaluation
Arora, Chetan UL; Sabetzadeh, Mehrdad UL; Briand, Lionel UL et al

in 19th International Conference on Model Driven Engineering Languages and Systems, Saint-Malo 2-7 October 2016 (2016, October)

Domain modeling is an important step in the transition from natural-language requirements to precise specifications. For large systems, building a domain model manually is laborious. Several approaches ... [more ▼]

Domain modeling is an important step in the transition from natural-language requirements to precise specifications. For large systems, building a domain model manually is laborious. Several approaches exist to assist engineers with this task, where Natural Language Processing is employed for automated extraction of domain model elements. Despite the existing approaches, important facets remain under-explored. Notably, there is limited empirical evidence about the usefulness of existing extraction rules in industry. Furthermore, important opportunities for enhancing the extraction rules are yet to be exploited. We develop a domain model extractor by bringing together existing extraction rules and proposing important enhancements. We apply our model extractor to four industrial requirements documents, reporting on the frequency of different extraction rules being applied. We conduct an expert study over one of these documents, investigating the accuracy and overall effectiveness of our domain model extractor. [less ▲]

Detailed reference viewed: 528 (74 UL)
Full Text
Peer Reviewed
See detailSimulink Fault Localisation: an Iterative Statistical Debugging Approach
Liu, Bing UL; Lucia, Lucia UL; Nejati, Shiva UL et al

in Software Testing, Verification & Reliability (2016), 26(6), 431-459

Debugging Simulink models presents a significant challenge in the embedded industry. In this work, we propose SimFL, a fault localization approach for Simulink models by combining statistical debugging ... [more ▼]

Debugging Simulink models presents a significant challenge in the embedded industry. In this work, we propose SimFL, a fault localization approach for Simulink models by combining statistical debugging and dynamic model slicing. Simulink models, being visual and hierarchical, have multiple outputs at different hierarchy levels. Given a set of outputs to observe for localizing faults, we generate test execution slices, for each test case and output, of the Simulink model. In order to further improve fault localization accuracy, we propose iSimFL, an iterative fault localization algorithm. At each iteration, iSimFL increases the set of observable outputs by including outputs at lower hierarchy levels, thus increasing the test oracle cost but offsetting it with significantly more precise fault localization. We utilize a heuristic stopping criterion to avoid unnecessary test oracle extension. We evaluate our work on three industrial Simulink models from Delphi Automotive. Our results show that, on average, SimFL ranks faulty blocks in the top 8.9% in the list of suspicious blocks. Further, we show that iSimFL significantly improves this percentage down to 4.4% by requiring engineers to observe only an average of five additional outputs at lower hierarchy levels on top of high-level model outputs. [less ▲]

Detailed reference viewed: 333 (59 UL)
Full Text
Peer Reviewed
See detailAutomated and Effective Testing of Web Services for XML Injection Attacks
Jan, Sadeeq UL; Nguyen, Duy Cu UL; Briand, Lionel UL

in ISSTA'16-The International Symposium on Software Testing and Analysis, Saarbrücken 18-20 July 2016 (2016, July 18)

XML is extensively used in web services for integration and data exchange. Its popularity and wide adoption make it an attractive target for attackers and a number of XML-based attack types have been ... [more ▼]

XML is extensively used in web services for integration and data exchange. Its popularity and wide adoption make it an attractive target for attackers and a number of XML-based attack types have been reported recently. This raises the need for cost-effective, automated testing of web services to detect XML-related vulnerabilities, which is the focus of this paper. We discuss a taxonomy of the types of XML injection attacks and use it to derive four different ways to mutate XML messages, turning them into attacks (tests) automatically. Further, we consider domain constraints and attack grammars, and use a constraint solver to generate XML messages that are both malicious and valid, thus making it more difficult for any protection mechanism to recognise them. As a result, such messages have a better chance to detect vulnerabilities. Our evaluation on an industrial case study has shown that a large proportion (78.86%) of the attacks generated using our approach could circumvent the first layer of security protection, an XML gateway (firewall), a result that is much better than what a state-of-the-art tool based on fuzz testing could achieve. [less ▲]

Detailed reference viewed: 467 (32 UL)
Full Text
See detailReACP: A Semi-Automated Framework for Reverse-engineering and Testing of Access Control Policies of Web Applications
Le, Ha Thanh UL; Nguyen, Duy Cu UL; Briand, Lionel UL

Report (2016)

This technical report details our a semi-automated framework for the reverse-engineering and testing of access control (AC) policies for web-based applications. In practice, AC specifications are often ... [more ▼]

This technical report details our a semi-automated framework for the reverse-engineering and testing of access control (AC) policies for web-based applications. In practice, AC specifications are often missing or poorly documented, leading to AC vulnerabilities. Our goal is to learn and recover AC policies from implementation, and assess them to find AC issues. Built on top of a suite of security tools, our framework automatically explores a system under test, mines domain input specifications from access request logs, and then, generates and executes more access requests using combinatorial test generation. We apply machine learning on the obtained data to characterise relevant attributes that influence access control to learn policies. Finally, the inferred policies are used for detecting AC issues, being vulnerabilities or implementation errors. We have evaluated our framework on three open-source applications with respect to correctness and completeness. The results are very promising in terms of the quality of inferred policies, more than 94% of them are correct with respect to implemented AC mechanisms. The remaining incorrect policies are mainly due to our unrefined permission classification. Moreover, a careful analysis of these policies has revealed 92 vulnerabilities, many of them are new. [less ▲]

Detailed reference viewed: 301 (25 UL)
Full Text
Peer Reviewed
See detailGemRBAC-DSL: a High-level Specification Language for Role-based Access Control Policies
Ben Fadhel, Ameni UL; Bianculli, Domenico UL; Briand, Lionel UL

in 21st ACM Symposium on Access Control Models and Technologies (SACMAT 2016) (2016, June)

A role-based access control (RBAC) policy restricts a user to perform operations based on her role within an organization. Several RBAC models have been proposed to represent different types of RBAC ... [more ▼]

A role-based access control (RBAC) policy restricts a user to perform operations based on her role within an organization. Several RBAC models have been proposed to represent different types of RBAC policies. However, the expressiveness of these models has not been matched by specification languages for RBAC policies. Indeed, existing policy specification languages do not support all the types of RBAC policies defined in the literature. In this paper we aim to bridge the gap between highly-expressive RBAC models and policy specification languages, by presenting GemRBAC-DSL, a new specification language designed on top of an existing, generalized conceptual model for RBAC. The language sports a syntax close to natural language, to encourage its adoption among practitioners. We also define semantic checks to detect conflicts and inconsistencies among the policies written in a GemRBAC-DSL specification. We show how the semantics of GemRBAC-DSL can be expressed in terms of an existing formalization of RBAC policies as OCL (Object Constraint Language) constraints on the corresponding RBAC conceptual model. This formalization paves the way to define a model-driven approach for the enforcement of policies written in GemRBAC-DSL. [less ▲]

Detailed reference viewed: 285 (26 UL)
Full Text
Peer Reviewed
See detailTesting the Untestable: Model Testing of Complex Software-Intensive Systems
Briand, Lionel UL; Nejati, Shiva UL; Sabetzadeh, Mehrdad UL et al

in Proceedings of the 38th International Conference on Software Engineering (ICSE 2016) Companion (2016, May)

Detailed reference viewed: 673 (53 UL)
Full Text
See detailGemRBAC-DSL: a High-level Specification Language for Role-based Access Control Policies
Ben Fadhel, Ameni UL; Bianculli, Domenico UL; Briand, Lionel UL

Report (2016)

A role-based access control (RBAC) policy restricts a user to perform operations based on her role within an organization. Several RBAC models have been proposed to represent different types of RBAC ... [more ▼]

A role-based access control (RBAC) policy restricts a user to perform operations based on her role within an organization. Several RBAC models have been proposed to represent different types of RBAC policies. However, the expressiveness of these models has not been matched by specification languages for RBAC policies. Indeed, existing policy specification languages do not support all the types of RBAC policies defined in the literature. In this paper we aim to bridge the gap between highly-expressive RBAC models and policy specification languages, by presenting GemRBAC-DSL, a new specification language designed on top of an existing, generalized conceptual model for RBAC. The language sports a syntax close to natural language, to encourage its adoption among practitioners. We also define semantic checks to detect conflicts and inconsistencies among the policies written in a GemRBAC-DSL specification. We show how the semantics of GemRBAC-DSL can be expressed in terms of an existing formalization of RBAC policies as OCL (Object Constraint Language) constraints on the corresponding RBAC conceptual model. This formalization paves the way to define a model-driven approach for the enforcement of policies written in GemRBAC-DSL. [less ▲]

Detailed reference viewed: 225 (24 UL)
Full Text
See detailAutomated Testing of Web Application Firewalls
Appelt, Dennis UL; Nguyen, Duy Cu UL; Briand, Lionel UL

Report (2016)

Web application firewalls (WAF) are an indispensable mechanism to protect online systems from attacks. However, the fast pace at which new kinds of attacks appear and their increasing sophistication ... [more ▼]

Web application firewalls (WAF) are an indispensable mechanism to protect online systems from attacks. However, the fast pace at which new kinds of attacks appear and their increasing sophistication require WAFs to be updated and tested regularly as otherwise they will be circumvented. In this paper, we focus our research on WAFs and SQL injection attacks, but the general principles and strategy could be adapted to other contexts. We present a machine learning-driven testing approach to automatically detect holes in WAFs that let SQL injection attacks bypass them. At the beginning, the approach can automatically generate diverse attacks (tests) and then submit them to a system that is protected by a WAF. Incrementally learning from the tests that are blocked or accepted by the WAF, our approach can then select tests that exhibit characteristics associated with bypassing the WAF and mutate them to efficiently generate new bypassing attacks. In the race against cyberattacks, time is vital. Being able to learn and anticipate more attacks that can circumvent a WAF in a timely manner is very important in order to quickly fix or fine-tune protection rules. We developed a tool that implements the approach and evaluated it on ModSecurity, a widely used WAF, and a proprietary WAF that protects a financial institution. Evaluation results indicate that our proposed technique is efficient at generating SQL injection attacks that can bypass a WAF and can be used to identify successful attack patterns. [less ▲]

Detailed reference viewed: 853 (29 UL)
Full Text
Peer Reviewed
See detailA model-driven approach to representing and checking RBAC contextual policies.
Ben Fadhel, Ameni UL; Bianculli, Domenico UL; Briand, Lionel UL et al

in Proceedings of the 6th ACM Conference on Data and Application Security and Privacy (CODASPY 2016) (2016, March)

Detailed reference viewed: 359 (32 UL)
Full Text
Peer Reviewed
See detailAutomated Classification of Legal Cross References Based on Semantic Intent
Sannier, Nicolas UL; Adedjouma, Morayo; Sabetzadeh, Mehrdad UL et al

in 22nd International Working Conference on Requirements Engineering: Foundation for Software Quality (REFSQ'16) (2016, March)

Detailed reference viewed: 347 (50 UL)
Full Text
Peer Reviewed
See detailClustering Deviations for Black Box Regression Testing of Database Applications
Rogstad, Erik; Briand, Lionel UL

in IEEE Transactions on Reliability (2016), 65(1), 4-18

Detailed reference viewed: 281 (41 UL)
Full Text
Peer Reviewed
See detailSimCoTest: A Test Suite Generation Tool for Simulink/Stateflow Controllers
Matinnejad, Reza UL; Nejati, Shiva UL; Briand, Lionel UL et al

in Proceedings of the 38th International Conference on Software Engineering (2016)

Detailed reference viewed: 292 (29 UL)
Full Text
Peer Reviewed
See detailCost-effective Strategies for the Regression Testing of Database Applications: Case study and Lessons Learned
Rogstad, Erik; Briand, Lionel UL

in Journal of Systems and Software (2016), 113

Detailed reference viewed: 223 (27 UL)
Full Text
Peer Reviewed
See detailModel-Based Simulation of Legal Requirements: Experience from Tax Policy Simulation
Soltana, Ghanem UL; Sabetzadeh, Mehrdad UL; Briand, Lionel UL

in 24th IEEE International Conference on Requirements Engineering (RE'16) (2016)

Using models for expressing legal requirements is now commonplace in Requirements Engineering. Models of legal requirements, on the one hand, facilitate communication between software engineers and legal ... [more ▼]

Using models for expressing legal requirements is now commonplace in Requirements Engineering. Models of legal requirements, on the one hand, facilitate communication between software engineers and legal experts, and on the other hand, provide a basis for systematic and automated analysis. The most prevalent application of legal requirements models is for checking the compliance of software systems with laws and regulations. In this experience paper, we explore a complementary application of legal requirements models, namely simulation. We observe that, in domains such as taxation, the same models that underlie legal compliance analysis bring important added value by enabling simulation. Concretely, this paper reports on the model-based simulation of selected legal requirements (policies) derived from Luxembourg’s Income Tax Law. The simulation scenario considered in the paper is aimed at analyzing the impact of a current tax law reform proposal in Luxembourg. We describe our approach for simulation along with empirical results demonstrating the feasibility and accuracy of the approach. We further present lessons learned from the experience. [less ▲]

Detailed reference viewed: 270 (23 UL)
Full Text
Peer Reviewed
See detailSOFIA: An Automated Security Oracle for Black-Box Testing of SQL-Injection Vulnerabilities
Ceccato, Mariano; Nguyen, Duy Cu UL; Appelt, Dennis UL et al

in Proceedings of the 31th IEEE/ACM International Conference on Automated Software Engineering (2016)

Security testing is a pivotal activity in engineering secure software. It consists of two phases: generating attack inputs to test the system, and assessing whether test executions expose any ... [more ▼]

Security testing is a pivotal activity in engineering secure software. It consists of two phases: generating attack inputs to test the system, and assessing whether test executions expose any vulnerabilities. The latter phase is known as the security oracle problem. In this work, we present SOFIA, a Security Oracle for SQL-Injection Vulnerabilities. SOFIA is programming-language and source-code independent, and can be used with various attack generation tools. Moreover, because it does not rely on known attacks for learning, SOFIA is meant to also detect types of \sqli attacks that might be unknown at learning time. The oracle challenge is recast as a one-class classification problem where we learn to characterise legitimate SQL statements to accurately distinguish them from \sqli attack statements. We have carried out an experimental validation on six applications, among which two are large and widely-used. SOFIA was used to detect real \sqli vulnerabilities with inputs generated by three attack generation tools. The obtained results show that SOFIA is computationally fast and achieves a recall rate of 100\% (i.e., missing no attacks) with a low false positive rate (0.6\%). [less ▲]

Detailed reference viewed: 318 (30 UL)
Full Text
Peer Reviewed
See detailLocalizing Multiple Faults in Simulink Models.
Liu, Bing UL; Lucia, Lucia UL; Nejati, Shiva UL et al

in 23rd IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER 2016) (2016)

As Simulink is a widely used language in the embedded industry, there is a growing need to support debugging activities for Simulink models. In this work, we propose an approach to localize multiple ... [more ▼]

As Simulink is a widely used language in the embedded industry, there is a growing need to support debugging activities for Simulink models. In this work, we propose an approach to localize multiple faults in Simulink models. Our approach builds on statistical debugging and is iterative. At each iteration, we identify and resolve one fault and re-test models to focus on localizing faults that might have been masked before. We use decision trees to cluster together failures that satisfy similar (logical) conditions on model blocks or inputs. We then present two alternative selection criteria to choose a cluster that is more likely to yield the best fault localization results among the clusters produced by our decision trees. Engineers are expected to inspect the ranked list obtained from the selected cluster to identify faults. We evaluate our approach on 240 multi-fault models obtained from three different industrial subjects. We compare our approach with two baselines: (1) Statistical debugging without clustering, and (2) State-of-the-art clustering-based statistical debugging. Our results show that our approach significantly reduces the number of blocks that engineers need to inspect in order to localize all faults, when compared with the two baselines. Furthermore, with our approach, there is less performance degradation than in the baselines when increasing the number of faults in the underlying models. [less ▲]

Detailed reference viewed: 390 (41 UL)