Marc-Florian Wendland scite author profile

Marc-Florian Wendland

5Publications

45Citation Statements Received

16Citation Statements Given

How they've been cited

How they cite others

Affiliations

Fraunhofer Institute for Open Communication Systems

Publications

Order By: Most citations

Combining Risk Analysis and Security Testing

Großmann

Schneider

Viehmann

et al. 2014

View full text Add to dashboard Cite

A systematic integration of risk analysis and security testing allows for optimizing the test process as well as the risk assessment itself. The result of the risk assessment, i.e. the identified vulnerabilities, threat scenarios and unwanted incidents, can be used to guide the test identification and may complement requirements engineering results with systematic information concerning the threats and vulnerabilities of a system and their probabilities and consequences. This information can be used to weight threat scenarios and thus help identifying the ones that need to be treated and tested more carefully. On the other side, risk-based testing approaches can help to optimize the risk assessment itself by gaining empirical knowledge on the existence of vulnerabilities, the applicability and consequences of threat scenarios and the quality of countermeasures. This paper outlines a tool-based approach for risk-based security testing that combines the notion of risk-assessment with a pattern-based approach for automatic test generation relying on test directives and strategies and shows how results from the testing are systematically fed back into the risk assessment.

show abstract

Execution of natural language requirements using State Machines synthesised from Behavior Trees

Kim

Myers

Wendland

et al. 2012

Journal of Systems and Software

View full text Add to dashboard Cite

The MIDAS Cloud Platform for Testing SOA Applications

Herbold

Francesco

Grabowski

et al. 2015

View full text Add to dashboard Cite

International audienceWhile Service Oriented Architectures (SOAs) are for many parts deployed online, and today often in a cloud, the testing of the systems still happens mostly locally. In this paper, we want to present the MIDAS Testing as a Service (TaaS), a cloud platform for the testing of SOAs. We focus on the testing of whole SOA orchestrations, a complex task due to the number of potential service interactions and the increasing complexity with each service that joins an orchestration. Since traditional testing does not scale well with such a complex setup, we employ a Model-based Testing (MBT) approach based on the Unified Modeling Language (UML) and the UML Testing Profile (UTP) within MIDAS. Through this, we provide methods for functional testing, security testing, and usage-based testing of service orchestrations. Through harnessing the computational power of the cloud, MIDAS is able to generate and execute complex test scenarios which would be infeasible to run in a local environment

show abstract

How Does the UML Testing Profile Support Risk-Based Testing

Ali

Yue

Hoffmann

et al. 2014

View full text Add to dashboard Cite

Evolution of the UML Interactions Metamodel

Wendland

Schneider

Haugen

2013

View full text Add to dashboard Cite

Abstract. UML Interactions represent one of the three different behavior kinds of the UML. In general, they specify the exchange of messages among parts of a system. Although UML Interactions can reside on different level of abstractions, they seem to be sufficiently elaborated for a higher-level of abstraction where they are used for sketching the communication among parts. Its metamodel reveals some fuzziness and imprecision where definitions should be accurate and concise, though. In this paper, we propose improvements to the UML Interactions' metamodel for Message arguments and Loop CombinedFragments that make them more versatile. We will justify the needs for the improvements by precisely showing the shortcomings of the related parts of the metamodel. We demonstrate the expressiveness of the improvements by applying them to examples that current Interactions definition handles awkwardly.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.