Security testing for software applications
First Claim
1. A system including instructions recorded on a non-transitory computer-readable medium, and executable by at least one processor, the system comprising:
- a mapping engine configured to cause the at least one processor to access, from at least one computer memory, an attack model enumerating software attacks, the software attacks being represented by linked attack components, access, from the at least one computer memory, a software architecture to be tested, the software architecture including a plurality of components and being represented by linked architectural components in an architecture diagram, including at least a first architectural component and a second architectural component representing corresponding components of the plurality of components, access a tag database storing a plurality of attack tags, and select individual attack tags therefrom for attachment to individual components of the attack model and of the architecture diagram, and link, within the at least one computer memory, each attack component and each architectural component with at least one attack tag characterizing attack requirements;
- a global test plan engine configured to cause the at least one processor to construct an attack test model, including generating a first instance of the attack model for the first architectural component and a second instance of the attack model for the second architectural component and linking, within the at least one memory, at least a first attack component of the first instance with the first architectural component and at least a second attack component of the second instance with the second architectural component and further configured to cause the at least one processor to generate an executable attack test workflow from the attack test model; and
- a test execution engine configured to cause the at least one processor to execute the attack test workflow to thereby test the software architecture, wherein the global test plan generator includes a scope down engine configured to cause the at least one processor to filter the first instance and the second instance of the attack model, based on correspondence of attack tags of each instance with its corresponding architectural component.
Abstract
A mapping engine may be used to determine an attack model enumerating software attacks, the software attacks being represented by linked attack components, and may be used to determine a software architecture to be tested, the software architecture being represented by linked architectural components in an architecture diagram. The mapping engine may then associate each attack component and each architectural component with at least one attack tag characterizing attack requirements. A global test plan generator may be used to determine an attack test model, including associating attack components with corresponding architectural components, based on associated attack tags, and may thus generate attack test workflows from the attack test model, to thereby test the software architecture.
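The tag-based mapping and scope-down filtering recited in the first claim and the abstract, shown as an added Python example that is not taken from the patent. The component names, tag names, the reading of "correspondence" as "every tag the attack component requires is attached to the architectural component", and the rule that a pruned node takes its linked children with it are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class AttackComponent:
    name: str
    requires: frozenset   # attack tags: what the target must expose
    children: tuple = ()  # linked attack components refining this one

@dataclass(frozen=True)
class ArchComponent:
    name: str
    tags: frozenset       # attack tags attached to this diagram node

# Constructed attack model (hypothetical names and tags, not from the patent).
ATTACK_MODEL = AttackComponent("input-handling", frozenset({"accepts-input"}), (
    AttackComponent("sql-injection-checks", frozenset({"accepts-input", "sql-backend"})),
    AttackComponent("xss-checks", frozenset({"accepts-input", "renders-html"})),
    AttackComponent("session-checks", frozenset({"session-cookie"}), (
        AttackComponent("cookie-flag-review", frozenset({"session-cookie", "renders-html"})),
    )),
))

# Constructed architecture diagram with two tagged components.
ARCHITECTURE = [
    ArchComponent("web-frontend", frozenset({"accepts-input", "renders-html", "session-cookie"})),
    ArchComponent("order-api", frozenset({"accepts-input", "sql-backend"})),
]

def scope_down(attack, arch):
    """Instance of `attack` for `arch`, pruned by tag correspondence (assumed: subset)."""
    if not attack.requires <= arch.tags:
        return None  # requirement not met: drop this node and everything linked under it
    kept = tuple(c for c in (scope_down(ch, arch) for ch in attack.children) if c is not None)
    return AttackComponent(attack.name, attack.requires, kept)

def build_test_model(model, architecture):
    """One filtered instance of the attack model per architectural component."""
    return {a.name: scope_down(model, a) for a in architecture}

def walk(node):
    """Depth-first order over the linked attack components of one instance."""
    yield node.name
    for ch in node.children:
        yield from walk(ch)

def workflow(test_model):
    """Flatten the test model into ordered (architectural component, test step) pairs."""
    return [(arch, step) for arch, inst in test_model.items()
            if inst is not None for step in walk(inst)]
```

Each architectural component receives its own instance of the attack model, so the same attack component can survive for one diagram node and be filtered out for another.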
15 Claims
1. A system including instructions recorded on a non-transitory computer-readable medium, and executable by at least one processor, the system comprising:
- a mapping engine configured to cause the at least one processor to access, from at least one computer memory, an attack model enumerating software attacks, the software attacks being represented by linked attack components, access, from the at least one computer memory, a software architecture to be tested, the software architecture including a plurality of components and being represented by linked architectural components in an architecture diagram, including at least a first architectural component and a second architectural component representing corresponding components of the plurality of components, access a tag database storing a plurality of attack tags, and select individual attack tags therefrom for attachment to individual components of the attack model and of the architecture diagram, and link, within the at least one computer memory, each attack component and each architectural component with at least one attack tag characterizing attack requirements;
- a global test plan engine configured to cause the at least one processor to construct an attack test model, including generating a first instance of the attack model for the first architectural component and a second instance of the attack model for the second architectural component and linking, within the at least one memory, at least a first attack component of the first instance with the first architectural component and at least a second attack component of the second instance with the second architectural component and further configured to cause the at least one processor to generate an executable attack test workflow from the attack test model; and
- a test execution engine configured to cause the at least one processor to execute the attack test workflow to thereby test the software architecture, wherein the global test plan generator includes a scope down engine configured to cause the at least one processor to filter the first instance and the second instance of the attack model, based on correspondence of attack tags of each instance with its corresponding architectural component.

View Dependent Claims (2, 3, 4, 5)
6. A system including instructions recorded on a non-transitory computer-readable medium, and executable by at least one processor, the system comprising:
- a mapping engine configured to cause the at least one processor to access, from at least one computer memory, an attack model enumerating software attacks, the software attacks being represented by linked attack components, access, from the at least one computer memory, a software architecture to be tested, the software architecture being represented by linked architectural components in an architecture diagram, and link, within the at least one computer memory, each attack component and each architectural component with at least one attack tag characterizing attack requirements; and
- a global test plan engine configured to cause the at least one processor to construct an attack test model, including linking, within the at least one memory, attack components with corresponding architectural components, based on associated attack tags, and further configured to cause the at least one processor to generate executable attack test workflows from the attack test model, to thereby test the software architecture, wherein the mapping engine is configured to cause the at least one processor to access a tag database storing a plurality of attack tags, and to select individual attack tags therefrom for attachment to individual components of the attack model and of the architecture diagram.
7. A system including instructions recorded on a non-transitory computer-readable medium, and executable by at least one processor, the system comprising:
- a mapping engine configured to cause the at least one processor to access, from at least one computer memory, an attack model enumerating software attacks, the software attacks being represented by linked attack components, access, from the at least one computer memory, a software architecture to be tested, the software architecture being represented by linked architectural components in an architecture diagram, and link, within the at least one computer memory, each attack component and each architectural component with at least one attack tag characterizing attack requirements; and
- a global test plan generator configured to cause the at least one processor to construct an attack test model, including linking, within the at least one memory, attack components with corresponding architectural components, based on associated attack tags, and further configured to cause the at least one processor to generate attack test workflows from the attack test model, wherein the test execution engine is further configured to cause the at least one processor to provide feedback to the mapping engine characterizing an accuracy of the mapping engine in associating attack tags with one or more attack component and/or architectural component.
8. A computer-implemented method for executing instructions stored on a computer readable non-transitory storage medium, the method comprising:
- determining an attack model enumerating software attacks, the software attacks being represented by linked attack components;
- determining a software architecture to be tested, the software architecture including a plurality of components and being represented by linked architectural components in an architecture diagram, including at least a first architectural component and a second architectural component representing corresponding components of the plurality of components;
- accessing a tag database storing a plurality of attack tags, and selecting individual attack tags therefrom for attachment to individual components of the attack model and of the architecture diagram;
- associating each attack component and each architectural component with at least one attack tag characterizing attack requirements;
- determining an attack test model, including generating a first instance of the attack model for the first architectural component and a second instance of the attack model for the second architectural component and associating at least a first attack component of the first instance with the first architectural component and at least a second attack component of the second instance with the second architectural component, and further including filtering the first instance and the second instance of the attack model, based on correspondence of attack tags of each instance with its corresponding architectural component;
- generating an executable attack test workflow from the attack test model; and
- executing the attack test workflows to thereby test the software architecture.

View Dependent Claims (9, 10, 11)
12. A computer program product, the computer program product being tangibly embodied on a non-transitory computer-readable storage medium and comprising instructions that, when executed, are configured to:
- determine an attack model enumerating software attacks, the software attacks being represented by linked attack components;
- determine a software architecture to be tested, the software architecture including a plurality of components and being represented by linked architectural components in an architecture diagram, including at least a first architectural component and a second architectural component representing corresponding components of the plurality of components;
- access a tag database storing a plurality of attack tags, and select individual attack tags therefrom for attachment to individual components of the attack model and of the architecture diagram;
- associate each attack component and each architectural component with at least one attack tag characterizing attack requirements;
- determine an attack test model, including generating a first instance of the attack model for the first architectural component and a second instance of the attack model for the second architectural component and associating at least a first attack component of the first instance with the first architectural component and at least a second attack component of the second instance with the second architectural component, and further including filtering the first instance and the second instance of the attack model, based on correspondence of attack tags of each instance with its corresponding architectural component;
- generate an executable attack test workflow from the attack test model; and
- execute the attack test workflows to thereby test the software architecture.

View Dependent Claims (13, 14)
15. A computer program product, the computer program product being tangibly embodied on a non-transitory computer-readable storage medium and comprising instructions that, when executed, are configured to:
- determine an attack model enumerating software attacks, the software attacks being represented by linked attack components;
- determine a software architecture to be tested, the software architecture being represented by linked architectural components in an architecture diagram;
- associate each attack component and each architectural component with at least one attack tag characterizing attack requirements;
- determine an attack test model, including associating attack components with corresponding architectural components, based on associated attack tags;
- generate attack test workflows from the attack test model, to thereby test the software architecture, wherein the instructions, when executed, are further configured to associate each attack component and each architectural component with at least one attack tag characterizing attack requirements, including accessing a tag database storing a plurality of attack tags, and selecting individual attack tags therefrom for attachment to individual components of the attack model and of the architecture diagram.
Specification