Extraction of ABNF Rules from RFCs to Enable Automated Test Data Generation


The complexity of IT systems and the criticality of robust IT systems is constantly increasing. Testing a system requires consideration of different protocols and interfaces, which makes testing hard and expensive. Test automation is required to improve the quality of systems without cost explosion. Many standards like HTML and FTP are semi-formally defined in RFCs, which makes a generic algorithm for test data generation based on RFC relevant. The proposed approach makes it possible to automatically generate test data for protocols defined as ABNF in RFCs for robustness tests. The introduced approach was shown in practice by generating SIP messages based on the RFC specification of SIP. This approach shows the possibility to generate data for any RFC that uses ABNF, and provides a solid foundation for further empirical evaluation and extension for software testing purposes.

Talk: 28th IFIP TC-11 SEC 2013 International Information Security and Privacy Conference (SEC 2013), Auckland, New Zealand; 07-08-2013 - 07-10-2013; in: “Security and Privacy Protection in Information Processing Systems”, L. Janczewski et al. (ed.); Springer IFIP Advances in Information and Communication Technology, Berlin-Heidelberg (2013), ISBN: 978-3-642-39217-7; 111 - 124
Thomas Grechenig
Thomas Grechenig
Ao.Univ.Prof. Dipl.-Ing. Dr.techn.