Today's cloud computing infrastructures usually require customers who transfer data into the cloud to trust the providers of the cloud infrastructure. Not every customer is willing to grant this trust without justification. It should be possible to detect that at least the configuration of the cloud infrastructure (as provided in the form of a hypervisor and administrative domain software) has not been changed without the customer's consent. We present a system that enables periodical and necessity-driven integrity measurements and remote attestations of vital parts of cloud computing infrastructures. Building on the analysis of several relevant attack scenarios, our system is implemented on top of the Xen Cloud Platform and makes use of trusted computing technology to provide security guarantees. We evaluate both security and performance of this system. We show how our system attests the integrity of a cloud infrastructure and detects all changes performed by system administrators in a typical software configuration, even in the presence of a simulated denial-of-service attack.
Matlab Simulink models, mainly used for the specification of continuous embedded systems, employ a data flow-driven notation well understood by engineers. This notation abstracts from the underlying computational model, hiding run time failures such as over-/underflows and divisions by zero. They are often detected late in the development process by the use of static analysis tools on the completely developed system. The responsible underlying faults are sometimes attributable to a single operation in a model. 8Cage is an automated test case generator for the early detection of such single operation related faults. It is configurable to detect these faults and runs automatically in the background. It tries to find potentially failure-causing operations and generates a test case to gather evidence for an actual fault. 8Cage is usable by developing/testing engineers with knowledge of Matlab. It does not require an expert to perform result validation or fault localization.
This Ph.D. thesis proposes a testing methodology based on fault models with an encompassing fault model lifecycle framework. Fault models have superior fault detection ability w.r.t. random testing by capturing what "usually goes wrong". Turning them operational yields the (semi-)automatic generation of test cases directly targeting the captured faults/failures. Each operationalization requires an initial effort for fault/failure description and creation of a test case generator, which is possibly domain-/test level-/application-specific. To allow planning and controlling this effort in practice, a fault model lifecycle framework is proposed capturing the testing methodology. It allows tailoring itself to processes used in organizations and integration into existing quality assurance activities. The contribution of this Ph.D. thesis is a testing methodology based on fault models to generate test cases and a lifecycle framework for its real-world application in organizations.

Index Terms: fault model; fault based testing; mutation testing; test case generation; quality assurance

I. PRELIMINARY HYPOTHESIS

A good test case detects a potential, or likely, fault with good cost-effectiveness [2]. Using a testing methodology based on generic fault models enables the description of classes of faults/failures by a higher order mutation that captures real-world faults and that hence does not rely on the coupling hypothesis. By means of operationalization, this mutation is used for test case derivation instead of test case assessment, thereby creating "good" test cases. Since the initial effort for operationalization is high, a fault model lifecycle framework enables planning and controlling the employment of the methodology.