Tools

Tools related to project or publications

Event log to Conversations

Conversation (a.k.a. session) extraction from event log Highly parallel algorithm to retrieve conversations from event logs, without having any knowledge about the used correlation mechanisms. To make the event log exploration effective and efficient, we devised an algorithm that covers an event log and builds the possible conversation sets w.r.t. the data found within the events. To limit the conversation set exploration and quicker recover good candidates, the algorithm is guided by an heuristic based upon the evaluation of invariants and conversation quality attributes. This heuristic also offers flexibility to users, as the quality and invariants can be adapted to the system context. See paper KDIR21.

Git link ConversationExtraction

Mock Generation for Communicating Systems

Mock generation overview
Mock generation overview
An approach and tool chain for helping developers in:

  • the analysis of a communicating system to classify its components;
  • the choice of mockable components;
  • and the mock generation.

Companion Site

The Model Learning and Checking (MLC) Approach

Integration of the approach with security testing
Integration of the approach with security testing
An approach and tool chain for model learning and verification of security properties on the inferred models.

Companion Site

CkTail

CkTail (Communicating system k-tail) is a model learning tool allowing to get models (IOLTS) and DAGs. It builds a IOLTS for every component participating in the communications and a DAG showing the component’s dependencies. CkTail takes an event log as input.

Git link CkTail V1 Git link CkTail V2

COnfECt

COnfECt is a model inference approach that takes execution traces of a component based system and infers LTSs (Labelled Transition Systems) for each component of the system. It is based on kTail, a passive model learning method that works in two steps:

  1. First, it constructs a tree from the traces, with each branch of the tree corresponding to a trace, and each event to an edge.
  2. Then, it merges all states of this tree that have the same k-future, i.e. the states that have the same future of length k.

The method COnfECt adds two steps to kTail: Trace Analysis & Extraction, and LTS synchronisation.

Git link

Model generation

Model generation
Model generation

TFormat

TFormat is a trace formatting tool. It takes raw messages, sorts out them, transforms them in actions (that can be read by COnfECt), and builds execution traces.

Git link

MCrawlT

Model reverse engineering of Android applications

Feature:

  • models generation, storyboard generation,
  • security vulnerability detection : SQL injection, brute force,
  • crash detection, etc.

wiki link Git link

Storyboard example

Storyboard
Storyboard
Model generation
Model generation
Model generation

APSET

an Android aPplication SEcurity Testing tool for detecting intent-based vulnerabilities.

Git link

Cloud PASTE (Cloud PASsive TEsting)

Cloud PASTE is tool for passively testing Web service compositions deployed in PaaS platforms. At the moment, we provide a version of the tool for Google AppEngine (GAE) only. This passive tester takes a specification described with ioSTSs expressing the functional behaviours of the composition and tests its implementation deployed in GAE.

This passive tester is based upon the notion of transparent proxy for testing. Classical tools for monitoring/passive testing cannot be used with Clouds since the Cloud architecture restricts the access and prevent from installing a classical test architecture (sniffer based tool etc.). So, we derive a model called proxy-tester for testing.

Cloud PASTE page here

Passive tester architecture:

Architecture
Architecture

Tester interface:

Interface
Interface

Black box web service testing WS-AT

WS-AT (Web Service Automatic Test tool) : Random test case generation with random values and predefined values well known for relieving bugs.

A dedicated page for WS-AT, showing its functionning can be found here.

Features:

  • Kind of tests : operation existance, robustness, session

  • provided with a classical interface or with an Eclipse pluggin.

Tester interface:

Interface1
Interface1
Interface2
Interface2

Some results:

Results
Results

And a video :

Test case generation from timed automata and region graphs

Test case generation with the State characterization method. Test case generation with a parallel algorithm using OPENMP

Example with a Timed automaton (part of the GSM protocol):

automaton
automaton

The associated region graph :

Region graph
Region graph

State Caracterization results (complete results here

test cases
test cases

Ajax components automatic testing

Features:

  • Test case generation using random values and predefined values known for relieving bugs. * Test architecture implementation.
  • Tool for modeling Ajax components with UML sequence diagrams.
Editor
Editor

The tester:

Tester
Tester

A video showing some tests:

Mock Generation for Communicating Systems
Companion site of the Mock Generation Approach Mock generation overview An approach and tool chain for helping developers in: the analysis of a communicating system to classify its components; the choice of mockable components; and the mock generation.
Apr 10, 2020
The MLC Approach
Companion site of the MLC approach The Model-Learning-Checking (shortened MLC) approach combines model-learning to generate formal models of IoT systems and model-checking to evaluate whether security properties hold on these models.
Mar 10, 2020