Axini develops tools for model based testing (MBT) and model based software engineering (MBSE). Model based testing is a software testing approach in which test cases are automatically generated and executed from a model, a formal specification of the system under test. This approach allows for a high degree of test automation and more thorough testing.
Security testing generally involves generating (semi)random input and observing whether the system under test breaks, crashes or performs other unintended behavior.
Security testing seems a complimentary approach to model based testing, which starts from a model describing all intended (happy flow) behavior that can be done. We think the knowledge of the system present in the model should allow for more thorough security testing. We are very interested in how these approaches and theories can be combined.
Possible research questions
There are several puzzles and research questions that students can work on.
Recent work
Recent work at Axini on this topic:
- Wouter Bohlken (2020) conducted a systematic review of state-of-the-art fuzzers, identified candidate fuzzers that can be combined with MBT, and implemented frameworks for two possible approaches of combining fuzzers with MBT.