CN110532162A - A kind of fuzz testing script and testing engine based on protocol state machine - Google Patents

Publication number: CN110532162A
Authority: CN (China)
Legal status: Pending (The legal status is an assumption and is not a legal conclusion.)
Application number: CN201910201771.XA
Other languages: Chinese (zh)
Inventors: 郭涛, 李明柱, 叶青
Current Assignee: Xinlian Science And Technology (nanjing) Co Ltd
Original Assignee: Xinlian Science And Technology (nanjing) Co Ltd
Priority date: 2019-03-18
Filing date: 2019-03-18
Publication date: 2019-12-03
Application filed by Xinlian Science And Technology (nanjing) Co Ltd
Priority to CN201910201771.XA
Publication of CN110532162A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/36 Preventing errors by testing or debugging software
    • G06F11/3668 Software testing
    • G06F11/3672 Test management
    • G06F11/3688 Test management for test execution, e.g. scheduling of test suites
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00 Arrangements for monitoring or testing data switching networks
    • H04L43/18 Protocol analysers

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Quality & Reliability (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses a fuzz testing script and testing engine based on a protocol state machine. It allows a state machine model to be defined quickly, and the test platform can automatically recognize the state machine model and generate a state boot script. In state machine test mode, the testing engine first executes the state boot script; the formal test process starts once the device under test has been guided to the correct state for the test. The state boot script has the same structure and syntax as the main test script. New XML nodes are added to define the state machine model, which comprises state definitions and state transition Actions. A new database table is added to define states and manage the state transition Action sets, and the state machine model references this state definition table, which simplifies the process of establishing a state model.

Description

A kind of fuzz testing script and testing engine based on protocol state machine
Technical field
The present invention relates to the technical field of testing engines, and in particular to a fuzz testing script and testing engine based on a protocol state machine.
Background art
With the development of China's industrial control field and Internet technology, industrial control systems have become increasingly complex, and the security and reliability problems that networking brings to industrial control systems have become more and more prominent. Protocol defects and vulnerabilities in the industrial control network devices of such systems are one of the potential hazards. Discovering device defects and vulnerabilities through attack testing, so that appropriate measures can be taken to prevent or resolve the network security problems they cause, is an effective way to improve industrial control network security.
Internationally, the more mature and widely used industrial control protocol test platforms are widely recognized for their protocol coverage and the effectiveness of their protocol testing, and they serve as benchmarks for other test products as those products improve. However, faced with the rapidly developing testing requirements of the domestic industrial control security field, these mature products also show obvious limitations and cannot quickly meet flexible and complex test requirements: for example, adding a new protocol takes a long time, the packet-sending mode is inflexible, and scalability is poor. Given this situation, an efficient fuzz testing language for industrial control and Internet of Things protocols was invented. Test scripts and monitoring scripts are generated automatically based on this language, and a testing engine is provided that automatically parses the script language, generates test data packets and sends them to the device under test to complete the test task. In the present invention this test language and engine are together referred to as the test platform. The efficient fuzz testing language makes it very convenient to extend the test platform with new protocols, and the testing engine architecture ensures the flexibility and extensibility of the packet-sending mechanism.
Defining a state machine model is in effect a more comprehensive and deeper analysis of the protocol. If the command packet is the low-level representation of the protocol's interaction data, then the state machine reflects the state of the communicating device during the interaction: in different states, the device uses different command sets to communicate and complete specific functions. Fuzz testing based on a protocol state machine follows a similar basic flow:
Establish the state machine model;
Generate the state guidance messages and the test packet sequence;
The testing engine guides the device under test to the correct state before the test;
The testing engine sends the test packets;
Analyze the abnormal test messages and locate protocol vulnerabilities.
At present, few industrial control protocol test products support protocol state machine testing, and some of them are state-machine-based fuzz testing tools developed to study one particular protocol. In terms of test effect they can indeed achieve in-depth testing of a given protocol and can also improve test coverage, but in terms of product generality the following two problems remain:
The process of establishing a state machine model is too complex, largely because the description language provided by the testing tool has relatively complex logic. If one is not familiar with the protocol itself, establishing the state machine model can be a very inefficient process; it places high demands on the expertise of personnel and also hinders maintenance and extension of the model;
The state anomaly detection mechanism: how to quickly and accurately identify a device state anomaly caused by sending abnormal data packets during testing is an important factor affecting test validity.
Summary of the invention
The object of the invention is to provide a fuzz testing script and testing engine based on a protocol state machine in order to solve the above problems.
The invention achieves the above object through the following technical solution:
A fuzz testing script and testing engine based on a protocol state machine comprises the following modules:
State machine model definition, which comprises the state machine model definition elements, the state definition table and the referencing of the state definition table;
The state machine model definition elements include <model>, <state_machine> and <state>;
The state definition table has table name: StateMachine; primary key: TransitionID; foreign key: ProtocolID; description: associates the Protocol table and the Script table;
Referencing the state definition table: after each state transition process has been defined, the content of the StateMachineScript field in the Script table references the transition processes in the StateMachine table;
Testing engine state guidance execution, which comprises state initialization, state guidance execution and handling of an empty monitoring script;
State monitoring mechanism, which involves the test script and the testing engine.
Preferably, the <model> element is used to define the protocol state machine model framework and contains one or more <state_machine> elements;
A <state_machine> element defines one protocol state machine; its attributes include the state machine model name and the initial state, and states are defined with <state> elements under the <state_machine> element;
A <state> element is used to define one state transition process; its attributes include the current state name, the target state name after the transition, and the transition Action set. The Action set includes elements such as <assign>, <send> and <recv>.
Preferably, state machine initialization includes the following steps:
Step A1: before the test script is initialized, the state boot script is initialized first;
Step A2: regular-expression matching of the state boot script;
Step A3: the Channel and Action information in the state boot script is parsed and stored.
Preferably, state guidance execution includes the following steps:
Step B1: after the monitoring script has finished executing and before the formal test is executed, the state boot script is executed first;
Step B2: if execution of the state boot script fails, the test platform reports an exception and ends the test.
Preferably, for handling of an empty monitoring script: when the monitoring script is empty and there is no state boot script, the test script is used as the monitoring script for backward compatibility; if a state boot script is present, the state boot script is used as the monitoring script.
Preferably, the test script defines the mutated data packets and also defines the reply packet parsing component. Because different protocols need to call different components, the component must be defined in the test script, and it is called and executed by the testing engine.
Preferably, during state machine testing, when the testing engine calls the reply packet parsing component and judges the result abnormal, it automatically resends a normal data packet to probe the state of the device under test. If the returned result still does not match the expectation, the engine determines that the protocol state of the device under test is no longer valid. The user can choose, according to actual test requirements, to end the test or to redo state guidance and continue testing.
The beneficial effects of the present invention are:
The invention allows a state machine model to be defined quickly, and the test platform can automatically recognize the state machine model and generate a state boot script. In state machine test mode, the testing engine first executes the state boot script; the formal test process starts once the device under test has been guided to the correct state before the test. The state boot script has the same structure and syntax as the main test script. New XML nodes are added to define the state machine model, which comprises state definitions and state transition Actions. A new database table is added to define states and manage the state transition Action sets, and the state machine model references this state definition table, which simplifies the process of establishing a state model.
Brief description of the drawings
Fig. 1 is a system architecture diagram of the fuzz testing script and testing engine based on a protocol state machine according to the present invention.
Detailed description of the embodiments
The present invention is further explained below with reference to the drawings:
As shown in Fig. 1, a fuzz testing script and testing engine based on a protocol state machine comprises the following modules:
State machine model definition, which comprises the state machine model definition elements, the state definition table and the referencing of the state definition table;
The state machine model definition elements include <model>, <state_machine> and <state>;
The state definition table has table name: StateMachine; primary key: TransitionID; foreign key: ProtocolID; description: associates the Protocol table and the Script table;
Referencing the state definition table: after each state transition process has been defined, the content of the StateMachineScript field in the Script table references the transition processes in the StateMachine table;
The ActionList of the Connect process:
<assign variable="$opcua_sequence_number" type="UInt">16777216</assign>
<send channel="DEFAULT">
  <PDU name="Opcua_Hello" protocol="OPC-UA on TCP">
  </PDU>
</send>
<recv channel="DEFAULT">
  <PDU name="Opcua_Ack" protocol="OPC-UA on TCP">
  </PDU>
</recv>
The ActionList of the OpenSecureChannel process:
<send channel="DEFAULT">
  <PDU name="Opcua_Open_Secure_Channel_Request" protocol="OPC-UA on TCP">
  </PDU>
</send>
<recv channel="DEFAULT">
  <PDU name="Opcua_Open_Secure_Channel_Response" protocol="OPC-UA on TCP">
  </PDU>
</recv>
<assign variable="$securechannelid" type="UInt">refer(Opcua_Open_Secure_Channel_Response.securechannelid)</assign>
The ActionList of the CreateSession process:
<assign variable="$opcua_sequence_number" type="UInt">$opcua_sequence_number + 16777216</assign>
<send channel="DEFAULT">
  <PDU name="Opcua_Create_Session_Request" protocol="OPC-UA on TCP">
  </PDU>
</send>
<recv channel="DEFAULT">
  <PDU name="Opcua_Create_Session_Response" protocol="OPC-UA on TCP">
  </PDU>
</recv>
<assign variable="$Opcua_Create_Session_Response_nodeid_encodingmask" type="UInt">refer(Opcua_Create_Session_Response.opcua_service.createsessionrequest.requestheader.authenticationtoken.nodeid_encodingmask)</assign>
<assign variable="$Opcua_Create_Session_Response_nodeid_identifier_numeric_length" type="UInt">refer(Opcua_Create_Session_Response.opcua_service.createsessionrequest.requestheader.authenticationtoken.nodeid_identifier_numeric_length)</assign>
<assign variable="$Opcua_Create_Session_Response_nodeid_identifier_numeric_data" type="UInt">refer(Opcua_Create_Session_Response.opcua_service.createsessionrequest.requestheader.authenticationtoken.nodeid_identifier_numeric_data)</assign>
The ActionList of the ActivateSession process:
<assign variable="$opcua_sequence_number" type="UInt">$opcua_sequence_number + 16777216</assign>
<send channel="DEFAULT">
  <PDU name="Opcua_Activate_Session_Request" protocol="OPC-UA on TCP">
  </PDU>
</send>
<recv channel="DEFAULT">
  <PDU name="Opcua_Activate_Session_Response" protocol="OPC-UA on TCP">
  </PDU>
</recv>
The content of the boot script for the Browse command test of the OPCUA protocol is as follows:
<script name="OPC-UAonTCP.Browse.StateMachine" version="2.0.0">
  <model>
    <channel name="DEFAULT" transport="TCP:4841"/>
    <state_machine name="OPCUA" initial="init">
      <transition name="Connect"/>
      <transition name="OpenSecureChannel"/>
      <transition name="CreateSession"/>
      <transition name="ActivateSession"/>
    </state_machine>
  </model>
</script>
Testing engine state guidance execution, which comprises state initialization, state guidance execution and handling of an empty monitoring script;
State monitoring mechanism, which involves the test script and the testing engine.
The <model> element is used to define the protocol state machine model framework and contains one or more <state_machine> elements;
A <state_machine> element defines one protocol state machine; its attributes include the state machine model name and the initial state, and states are defined with <state> elements under the <state_machine> element;
A <state> element is used to define one state transition process; its attributes include the current state name, the target state name after the transition, and the transition Action set. The Action set includes elements such as <assign>, <send> and <recv>.
State machine initialization includes the following steps:
Step A1: before the test script is initialized, the state boot script is initialized first;
Step A2: regular-expression matching of the state boot script;
Step A3: the Channel and Action information in the state boot script is parsed and stored.
Preferably, state guidance execution includes the following steps:
Step B1: after the monitoring script has finished executing and before the formal test is executed, the state boot script is executed first;
Step B2: if execution of the state boot script fails, the test platform reports an exception and ends the test.
Handling of an empty monitoring script: when the monitoring script is empty and there is no state boot script, the test script is used as the monitoring script for backward compatibility; if a state boot script is present, the state boot script is used as the monitoring script.
The test script defines the mutated data packets and also defines the reply packet parsing component. Because different protocols need to call different components, the component must be defined in the test script, and it is called and executed by the testing engine.
During state machine testing, when the testing engine calls the reply packet parsing component and judges the result abnormal, it automatically resends a normal data packet to probe the state of the device under test. If the returned result still does not match the expectation, the engine determines that the protocol state of the device under test is no longer valid. The user can choose, according to actual test requirements, to end the test or to redo state guidance and continue testing.
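The state guidance (steps A1 to A3, B1 and B2) and state monitoring flow described above, as an added Python example that is not part of the patent or the assignee's product. The boot script shape and PDU names for the four transitions come from the description; SimulatedDevice, the packet labels REJECT and DROP, the Browse_Request and Browse_Response names, and the in-memory stand-in for the StateMachine table are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET
# Boot script in the form shown in the description above.
BOOT_SCRIPT = """<script name="OPC-UAonTCP.Browse.StateMachine" version="2.0.0">
<model>
<channel name="DEFAULT" transport="TCP:4841"/>
<state_machine name="OPCUA" initial="init">
<transition name="Connect"/>
<transition name="OpenSecureChannel"/>
<transition name="CreateSession"/>
<transition name="ActivateSession"/>
</state_machine></model></script>"""

# (transition, request PDU, response PDU), names taken from the ActionLists above.
PAIRS = [("Connect", "Opcua_Hello", "Opcua_Ack"),
         ("OpenSecureChannel", "Opcua_Open_Secure_Channel_Request", "Opcua_Open_Secure_Channel_Response"),
         ("CreateSession", "Opcua_Create_Session_Request", "Opcua_Create_Session_Response"),
         ("ActivateSession", "Opcua_Activate_Session_Request", "Opcua_Activate_Session_Response")]
# Assumption: in-memory stand-in for the StateMachine table (transition -> ActionList).
STATE_MACHINE_TABLE = {n: f'<send channel="DEFAULT"><PDU name="{q}"/></send>'
                          f'<recv channel="DEFAULT"><PDU name="{r}"/></recv>'
                       for n, q, r in PAIRS}
PROBE = "Browse_Request"  # assumed name of the normal packet used to probe device state

def load_boot_script(xml_text):
    """Steps A1-A3: parse the boot script, store channel info and the resolved actions."""
    model = ET.fromstring(xml_text).find("model")
    channels = {c.get("name"): c.get("transport") for c in model.findall("channel")}
    machine = model.find("state_machine")
    steps = []
    for t in machine.findall("transition"):
        name = t.get("name")
        if name not in STATE_MACHINE_TABLE:
            raise ValueError(f"transition {name!r} is not defined in the StateMachine table")
        actions = ET.fromstring(f"<actions>{STATE_MACHINE_TABLE[name]}</actions>")
        steps.append((name, [(a.tag, a.find("PDU").get("name"))
                             for a in actions if a.tag in ("send", "recv")]))
    return channels, machine.get("initial"), steps

class SimulatedDevice:
    """Constructed stand-in for the device under test; level counts completed transitions."""
    def __init__(self):
        self.level, self.reply = 0, None
    def recv(self):
        return self.reply
    def send(self, pdu):
        requests = [q for _, q, _ in PAIRS]
        if pdu in requests:  # boot PDU: accepted only in protocol order
            ok = requests.index(pdu) == self.level
            self.level += 1 if ok else 0
            self.reply = PAIRS[requests.index(pdu)][2] if ok else "Error"
        elif pdu in ("DROP", "REJECT"):  # constructed test packets; DROP also loses the session
            self.level = 0 if pdu == "DROP" else self.level
            self.reply = "Error"
        else:  # normal Browse request
            self.reply = "Browse_Response" if self.level == len(PAIRS) else "Error"

def parse_reply(reply):  # reply packet parsing component: True when the reply is as expected
    return reply == "Browse_Response"

def guide(device, steps):  # steps B1-B2: run the boot script; a failed step aborts the test
    for name, actions in steps:
        for kind, pdu in actions:
            if kind == "send":
                device.send(pdu)
            elif device.recv() != pdu:
                raise RuntimeError(f"state guidance failed in transition {name}")

def run_tests(device, steps, test_packets, on_invalid="reguide"):
    guide(device, steps)
    log = []
    for pkt in test_packets:
        device.send(pkt)
        verdict = "ok" if parse_reply(device.recv()) else None
        if verdict is None:
            device.send(PROBE)  # resend a normal packet to probe the device state
            verdict = ("abnormal reply, state still valid"
                       if parse_reply(device.recv()) else "state invalid")
        log.append((pkt, verdict))
        if verdict == "state invalid":
            if on_invalid == "stop":  # user choice: end the test ...
                break
            guide(device, steps)      # ... or redo state guidance and continue
    return log
```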
In conclusion, the invention allows a state machine model to be defined quickly, and the test platform can automatically recognize the state machine model and generate a state boot script. In state machine test mode, the testing engine first executes the state boot script; the formal test process starts once the device under test has been guided to the correct state for the test. The state boot script has the same structure and syntax as the main test script. New XML nodes are added to define the state machine model, which comprises state definitions and state transition Actions. A new database table is added to define states and manage the state transition Action sets, and the state machine model references this state definition table, which simplifies the process of establishing a state model.
Those skilled in the art can implement the invention in many variant forms without departing from its essence and spirit. The above are merely preferred feasible embodiments of the invention and do not thereby limit its scope of rights; all equivalent structural changes made using the contents of the description and drawings of the invention are included within the scope of rights of the invention.

Claims (7)

1. A fuzz testing script and testing engine based on a protocol state machine, characterized in that it comprises the following modules:
State machine model definition, which comprises the state machine model definition elements, the state definition table and the referencing of the state definition table;
The state machine model definition elements include <model>, <state_machine> and <state>;
The state definition table has table name: StateMachine; primary key: TransitionID; foreign key: ProtocolID; description: associates the Protocol table and the Script table;
Referencing the state definition table: after each state transition process has been defined, the content of the StateMachineScript field in the Script table references the transition processes in the StateMachine table;
Testing engine state guidance execution, which comprises state initialization, state guidance execution and handling of an empty monitoring script;
State monitoring mechanism, which involves the test script and the testing engine.
2. The fuzz testing script and testing engine based on a protocol state machine according to claim 1, characterized in that:
The <model> element is used to define the protocol state machine model framework and contains one or more <state_machine> elements;
A <state_machine> element defines one protocol state machine; its attributes include the state machine model name and the initial state, and states are defined with <state> elements under the <state_machine> element;
A <state> element is used to define one state transition process; its attributes include the current state name, the target state name after the transition, and the transition Action set. The Action set includes elements such as <assign>, <send> and <recv>.
3. The fuzz testing script and testing engine based on a protocol state machine according to claim 1, characterized in that state machine initialization includes the following steps:
Step A1: before the test script is initialized, the state boot script is initialized first;
Step A2: regular-expression matching of the state boot script;
Step A3: the Channel and Action information in the state boot script is parsed and stored.
4. The fuzz testing script and testing engine based on a protocol state machine according to claim 1, characterized in that state guidance execution includes the following steps:
Step B1: after the monitoring script has finished executing and before the formal test is executed, the state boot script is executed first;
Step B2: if execution of the state boot script fails, the test platform reports an exception and ends the test.
5. The fuzz testing script and testing engine based on a protocol state machine according to claim 1, characterized in that, for handling of an empty monitoring script: when the monitoring script is empty and there is no state boot script, the test script is used as the monitoring script for backward compatibility; if a state boot script is present, the state boot script is used as the monitoring script.
6. The fuzz testing script and testing engine based on a protocol state machine according to claim 1, characterized in that the test script defines the mutated data packets and also defines the reply packet parsing component; because different protocols need to call different components, the component must be defined in the test script, and it is called and executed by the testing engine.
7. The fuzz testing script and testing engine based on a protocol state machine according to claim 1, characterized in that, during state machine testing, when the testing engine calls the reply packet parsing component and judges the result abnormal, it automatically resends a normal data packet to probe the state of the device under test; if the returned result still does not match the expectation, the engine determines that the protocol state of the device under test is no longer valid; the user can choose, according to actual test requirements, to end the test or to redo state guidance and continue testing.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910201771.XA CN110532162A (en) 2019-03-18 2019-03-18 A kind of fuzz testing script and testing engine based on protocol state machine

Publications (1)

Publication Number Publication Date
CN110532162A true CN110532162A (en) 2019-12-03

Family

ID=68659247

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910201771.XA Pending CN110532162A (en) 2019-03-18 2019-03-18 A kind of fuzz testing script and testing engine based on protocol state machine

Country Status (1)

Country Link
CN (1) CN110532162A (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110912944A (en) * 2019-12-31 2020-03-24 信联科技(南京)有限公司 CAN equipment safety test system and test method
CN110912944B (en) * 2019-12-31 2021-11-23 信联科技(南京)有限公司 CAN equipment safety test system and test method
CN111770236A (en) * 2020-02-13 2020-10-13 北京沃东天骏信息技术有限公司 Conversation processing method, device, system, server and storage medium
CN111770236B (en) * 2020-02-13 2021-08-20 北京沃东天骏信息技术有限公司 Conversation processing method, device, system, server and storage medium
CN112988596A (en) * 2021-04-27 2021-06-18 北京全路通信信号研究设计院集团有限公司 Automatic testing method and system based on state transition
CN112988596B (en) * 2021-04-27 2021-08-03 北京全路通信信号研究设计院集团有限公司 Automatic testing method and system based on state transition

Legal Events

Date Code Title Description
PB01 Publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20191203

WD01 Invention patent application deemed withdrawn after publication