Model Driven Security Functional Testing

Model-Driven Engineering (MDE) is emerging as a promising approach that uses models to support various phases of system development lifecycle such as Code Generation and Verification/Validation (V &V). In this project, we develop model-driven methodologies for development of tests for testing the security functions of a product to make the security testing more cost efficient as well as effective in terms of providing the requisite assurance.

What is the Problem:
Security functional testing on many mission-critical products is often expensive and does not provide the end-user of those products with the needed assurance since developer-based tests are proprietary.

Why is NIST Involved:
To facilitate the widespread use of secure products by the government and industry, it is necessary that the mechanism used for obtaining that security assurance – i.e., security evaluation and security functional testing be based on a public domain methodology with requisite properties such as path coverage etc.

Project Goal:
The goal of this project is to define, specify and develop efficient and effective methodologies for security functional testing of products based on models of security function behavior.

Apart from publishing Conference and Journal papers that describe the model-driven security functional testing and developing proof of concept implementations, NIST applied the methodology to develop a suite of Smart Card Interface Conformance Tests (for conformance to FIPS 201 and SP 800-73 specifications) for the NIST Personal Identity Verification Program (http://csrc.nist.gov/groups/SNS/piv/npivp/index.html)