CN106330601A - Test case generating method and device - Google Patents
Test case generating method and device Download PDFInfo
- Publication number
- CN106330601A CN106330601A CN201610697317.4A CN201610697317A CN106330601A CN 106330601 A CN106330601 A CN 106330601A CN 201610697317 A CN201610697317 A CN 201610697317A CN 106330601 A CN106330601 A CN 106330601A
- Authority
- CN
- China
- Prior art keywords
- field
- data
- variation
- test case
- definition
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012360 testing method Methods 0.000 title claims abstract description 157
- 238000000034 method Methods 0.000 title claims abstract description 58
- 238000004891 communication Methods 0.000 claims abstract description 21
- 238000005516 engineering process Methods 0.000 claims description 15
- 230000006835 compression Effects 0.000 claims description 3
- 238000007906 compression Methods 0.000 claims description 3
- 230000006870 function Effects 0.000 description 81
- 230000002159 abnormal effect Effects 0.000 description 4
- 238000013499 data model Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 238000004422 calculation algorithm Methods 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 201000004569 Blindness Diseases 0.000 description 2
- 235000006040 Prunus persica var persica Nutrition 0.000 description 2
- 230000009471 action Effects 0.000 description 2
- 238000004590 computer program Methods 0.000 description 2
- 230000007547 defect Effects 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 244000144730 Amygdalus persica Species 0.000 description 1
- 240000005809 Prunus persica Species 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000008034 disappearance Effects 0.000 description 1
- 238000001035 drying Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000002474 experimental method Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/18—Protocol analysers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/50—Testing arrangements
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a test case generating method and device. The method comprises the steps of firstly, selecting a function code corresponding to a certain function of a MODBUS protocol, then acquiring the definition of each field included in a data packet with the function, and selecting a field for controlling MODBUS protocol communication from the fields as an invariable field, wherein the remaining fields are variable fields; and varying at least one variable field, thereby generating a test case not in conformity with the definitions of the varied fields or data setting. Understandably, the method and the device for generating the test case based on the MODBUS protocol are more specific; and in the method, the field for controlling MODBUS protocol communication is regarded as an invariable field, and the variable fields are specifically varied, so that invalid redundant test cases can be prevented from being generated and the test efficiency is effectively improved.
Description
Technical field
The invention belongs to software technology field, particularly to a kind of method for generating test case and device.
Background technology
Along with the development of network technology, between equipment and the equipment of industrial control field, powerful the Internet is relied on also to become
Obtain more and more tightr.It is generally based on Internet protocol between each industrial control equipment and carries out data interaction and communication.Such as,
Modbus/TCP agreement is widely used in industry control industry, and it has been not only the communications protocol of a PLC, in intelligence
Many smart machines such as instrument, converter have and are quite widely applied.Although industrial control equipment is connected to network can
Conveniently realize remotely management and monitoring, but also expose control equipment itself while communication, so that control
Equipment is easily subject to the malicious attack of Malware and hacker, and once industrial control network information security starts a leak, will be to work
Industry production run causes major hidden danger.Therefore, how to reduce the potential safety hazard of industry control network communication protocol be one urgently to be resolved hurrily
Problem.
Testing the main method used for protocol security at present is fuzz testing method.Fuzz testing is a kind of black box
Measuring technology or random test technology, be a kind of mode of protocol security testing, and its ultimate principle is by substantial amounts of deformity number
According to being input in target program, and monitor any exception that target program produces during performing, record cause abnormal defeated
Enter data, thus position the position of defect in target program, have found that it is likely that the security breaches of existence.
The most key stage being to generate fuzz testing data in fuzz testing, namely the generation of test case.But,
Owing to fuzz testing has blindness, existing fuzz testing is arbitrarily to take in input data space when generating test case
Value, automatically generates and sends the most random value, and the test case so produced is having not yet entered into target greatly
Just being rejected inside program, namely create many useless test cases, the testing time causing random test to produce is long,
Bulk redundancy test input, testing efficiency is relatively low.Additionally, the test case that existing fuzz testing generates is for interconnection mostly
The test case of net procotol, for industry control agreement, such as Modbus/TCP agreement, the most special Test cases technology
Method so that the test of Modbus/TCP agreement does not have specific aim, testing efficiency is relatively low.
Summary of the invention
The invention provides a kind of method for generating test case and device, in order to solve in prior art in the fuzzy survey of employing
When Modbus agreement is tested by method for testing, test case blindness is big, does not have specific aim, the defect that testing efficiency is low.
First aspect, the invention provides a kind of method for generating test case, for generating the survey for Modbus agreement
Example on probation, described method includes:
One is chosen as objective function code in several function codes prestored;Wherein, several function codes described, for
Several function codes corresponding to packet performing difference in functionality operation of Modbus agreement regulation;
Specify according to Modbus agreement, obtain the definition of each field in the packet corresponding with described objective function code;
Choose in function code field and each field for controlling the field of test case communication function as immutable
Field, using remaining field as variable field;Described immutable field is set to preset value, so that described test case support
Communicate based on Modbus agreement;At least one field in described variable field is carried out random variation, to generate and institute
State the test case that definition is not inconsistent or data setting is not inconsistent of at least one field.
Alternatively, described at least one field in described variable field is carried out random variation, with generate with described extremely
The step of the test case that the definition of a few field is not inconsistent or data setting is not inconsistent, including:
The data of all variable fields are carried out random variation, to generate what the definition with described variable field data was not inconsistent
Test case.
Alternatively, described at least one field in described variable field is carried out random variation, with generate with described extremely
The step of the test case that the definition of a few field is not inconsistent or data setting is not inconsistent, including:
The data of a part of field in described variable field are set to seriatim or in combination preset value, described default
Value includes the maximum in the span of described field definition, minima or intermediate value;
The data of another part field in described variable field are carried out random value variation, with generate with described another
The test case that the definition of partial words segment data is not inconsistent.
Alternatively, described at least one field in described variable field is carried out random variation, with generate with described extremely
The step of the test case that the definition of a few field is not inconsistent or data setting is not inconsistent, including:
Element identifier (element ID) field, function code field and the length of data field length is represented by described variable field is used for
Field is set to preset value, to any one in described element identifier (element ID) field, function code field and data field or a combination thereof
Carry out making a variation and lengthening or compress physical length, to generate the unmatched survey of preset value of physical length and described length field
Example on probation.
Alternatively, described random variation includes that data element deletes variation, and data element repeats variation, and virtual value makes a variation,
Or the Numerical Boundary variation in the numerical range of each field definition.
Second aspect, the invention provides a kind of Test cases technology device, for generating the survey for Modbus agreement
Example on probation, described device includes:
Function code selects unit, for choosing one as objective function code in several function codes prestored;Wherein,
Several function codes described, for several functions corresponding to the packet performing difference in functionality operation of Modbus agreement regulation
Code;
Acquiring unit, for specifying according to Modbus agreement, obtains in the packet corresponding with described objective function code each
The definition of individual field;
Field selects variation unit, is used for choosing in function code field and each field for controlling test case communication
The field of function is as immutable field, using remaining field as variable field;Described immutable field is set to preset value,
So that described test case support communicates based on Modbus agreement;At least one field in described variable field is carried out
Random variation, to generate the test case that the definition with at least one field described is not inconsistent or data setting is not inconsistent.
Alternatively, described field selects variation unit, is additionally operable to the data of all variable fields are carried out random variation, with
Generate the test case that the definition with described variable field data is not inconsistent.
Alternatively, described field selects variation unit, is additionally operable to:
The data of a part of field in described variable field are set to seriatim or in combination preset value, described default
Value includes the maximum in the span of described field definition, minima or intermediate value;
The data of another part field in described variable field are carried out random value variation, with generate with described another
The test case that the definition of partial words segment data is not inconsistent.
Alternatively, described field selects variation unit, is additionally operable to:
Element identifier (element ID) field, function code field and the length of data field length is represented by described variable field is used for
Field is set to preset value, to any one in described element identifier (element ID) field, function code field and data field or a combination thereof
Carry out making a variation and lengthening or compress physical length, to generate the unmatched survey of preset value of physical length and described length field
Example on probation.
Alternatively, described random variation includes that data element deletes variation, and data element repeats variation, and virtual value makes a variation,
Or the Numerical Boundary variation in the numerical range of each field definition.
The invention provides a kind of method for generating test case and device, in the method, first select MODBUS agreement
The function code that a certain function is corresponding, then obtain the definition with each field comprised in the packet of this function, at each word
Selecting the field controlling MODBUS protocol communication as immutable field in Duan, remaining is variable field, and can at least one
Mutilation section makes a variation, thus generation is not inconsistent with these field definition morphed or data arrange the test case not being inconsistent.
It is understood that due to the present invention provide method in using control MODBUS protocol communication field as immutable field,
Only variable field is made a variation such that it is able to avoid generating and cannot survey based on the invalid redundancy that MODBUS agreement communicates
Example on probation, is effectively improved testing efficiency, and what the method that the present invention provides in addition generated is the test case for MODBUS agreement,
Therefore have more specific aim, improve the efficiency of test further.
Accompanying drawing explanation
In order to be illustrated more clearly that the embodiment of the present invention or technical scheme of the prior art, embodiment will be described below
The accompanying drawing used required in is briefly described, it should be apparent that, the accompanying drawing in describing below is only some of the present invention
Example, for those of ordinary skill in the art, on the premise of not paying creative work, it is also possible to according to these accompanying drawings
Obtain other accompanying drawing.
A kind of method for generating test case flow chart that Fig. 1 provides for the present invention;
The equipment under test normal packet capturing schematic diagram that Fig. 2 provides for the present invention;
Equipment under test abnormal packet capturing schematic diagram after receiving test case that Fig. 3 provides for the present invention;
The equipment under test that Fig. 4 (a)-4 (b) provides for present invention TCP communication connection status before and after receiving test case
Schematic diagram.
A kind of Test cases technology apparatus structure schematic diagram that Fig. 5 provides for the present invention.
Detailed description of the invention
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete
Describe, it is clear that described embodiment is only a part of embodiment of the present invention rather than whole embodiments wholely.Based on
Embodiment in the present invention, the every other reality that ordinary skill people is obtained under not making creative work premise
Execute example, broadly fall into the scope of protection of the invention.
For ease of understanding, the data form first the Modbus bus protocol related in the present invention and this agreement specified
It is described in detail.
Modbus/TCP is application layer Message Protocol, is mainly used under different types of bus or network connect
Client computer and server between communication.Modbus/TCP data frame packet is containing heading, function code domain and three, data territory portion
Point.
Wherein, function code here is for when user end to server equipment sends message, and instruction server performs
Action type.Function code specifically can be divided into public function code, user's defined function code and reservation function code, and table 1 lists portion
Divide conventional public function code.
The definition of part public function code in table 1Modbus agreement
Based on foregoing, first aspect, the invention provides a kind of method for generating test case, be used for generating test
The test case of Modbus agreement, as it is shown in figure 1, include:
S101, in several function codes prestored, choose one as objective function code;Wherein, several functions described
Code, for several function codes corresponding to the packet performing difference in functionality operation of Modbus agreement regulation;
S102, according to Modbus agreement specify, obtain each field in the packet corresponding with described objective function code
Definition;
S103, choose in function code field and each field for controlling the field of test case communication function as not
Variable field, using remaining field as variable field;Described immutable field is set to preset value, so that described test case
Support to communicate based on Modbus agreement;At least one field in described variable field is carried out random variation, to generate
Definition with at least one field described is not inconsistent or data arrange the test case not being inconsistent.
The method for generating test case that the present invention provides, first selects the function that a certain function of MODBUS agreement is corresponding
Code, then obtain the definition with each field comprised in the packet of this function, select to control MODBUS in each field
The field of protocol communication is as immutable field, and remaining is variable field, and makes a variation at least one variable field, thus
Generation is not inconsistent with these field definition morphed or data arrange the test case not being inconsistent.It is understood that due to this
Using the field of control MODBUS protocol communication as immutable field in the method that invention provides, only variable field is become
Different such that it is able to avoid generating the invalid redundancy testing use-case that cannot communicate based on MODBUS agreement, be effectively improved survey
Examination efficiency, what the method that the present invention provides in addition generated is the test case for MODBUS agreement, therefore has more specific aim,
Improve the efficiency of test further.
It is understood that in the specific implementation, step S103 of said method embodiment can be in several ways
Realize, below the most several optional embodiments are described in detail.
Example one, data to all variable fields carry out random variation, to generate the definition with variable field data not
The test case of symbol.
Specifically, function code field is for when sending message from client computer to server apparatus, indicating server
Which kind of, by performing the field of feature operation, test, therefore at this owing to present invention is generally directed to each function of Modbus
In need keep function code field.The Test cases technology side of the read-write multiregister function with function code field as 0x17 below
As a example by method, how the method that describing the present invention in detail provides generates the test case of read-write multiregister function.
Table 2 shows the definition (bag of application data each field of ADU of packet when function code field is 0x17
Include heading, function code domain and data territory).
Multiregister function application data ADU field definition read and write by table 2
In these fields of table 2, protocol identifier here is immutable, because protocol identifier is known by 0 value
Other Modbus agreement.The most distinguishingly, it is also possible to generate the test case that protocol identifier is set to nonzero value, in the present invention
Middle elder generation does not the most consider the test case that this class is special.
Here element identifier (element ID) is little on the impact of fuzz testing result, is therefore set to variable immutable.Due to
TCP/IP utilizes IP addressing of address Modbus server, therefore element identifier (element ID) is set to fixed value, for example, it is possible to be set to
Use value 0xFF, naturally it is also possible to be set to other value.
Transaction identifier represents that with unit symbol is similar, little on the impact of fuzz testing result equally, is therefore set to
Variable immutable.Transaction identifier contacts for setting up between request and response, must at synchronization identifier
Must be unique.Owing to Modbus/Tcp can send multiple requests card without waiting for server to same server
Real, number of requests that server receives depends on its capacity, therefore, here can be according to the type of equipment, by issued transaction mark
Know a certain value that symbol is set in 1~16.It addition, transaction identifier is it can also be provided that incremental form, thus formed
Multiple test cases.
Narration based on the above-mentioned definition for these fields, here it is considered that above-mentioned field may be used for controlling
Above-mentioned several fields, therefore in the present embodiment, are set to immutable field by the communication of Modbus/Tcp agreement, and be these not
Variable field gives corresponding preset value respectively, so that the test case generated can be carried out normally based on Modbus/Tcp agreement
Communication.Again field in addition to these fields in table 2 is all carried out random variation such that it is able to generate and variable field
The test case that definition is not inconsistent, for testing the read-write multiregister function of Modbus/Tcp agreement.
Example two, the data of a part of field in variable field are set to preset value seriatim or in combination, preset
Value includes the maximum in the span of field definition, minima or intermediate value;To another part field in variable field
Data carry out random value variation, to generate the test case not being inconsistent with the definition of another part field data.
Specifically, also as a example by the method for generating test case of read-write multiregister function, first, similar with example one
, from table 2, first select function code field, protocol identifier field, element identifier (element ID) field and transaction identifier
Field, as immutable field, is set to preset value, thus ensures that the test case generated can be based on Modbus/Tcp
Agreement communicates normally.Table 2 selects m field again, then by this m field seriatim or group in n variable field
Closing ground and be set to preset value, wherein, preset value here can be the value that this field is representative in span, such as
Maximum, minima or intermediate value.Finally other n-m field is carried out random value variation, thus to generate and this n-m
The test case that the definition of field data is not inconsistent.Wherein, each field in m field can be taken different preset values here,
Then permutation and combination is carried out, such that it is able to generate multiple test case.Such as, if m=2, the most selected two fields are respectively
Take maximum, minima or intermediate value in span, then permutation and combination is exactly 9 kinds of situations, generates 9 test cases.
Understandable, for the method that example one provides, the content comprised for a certain field is carried out at random
During variation, this field contents could be made a variation as value representative in span, such as maximum by the least probability
Value, minima or intermediate value.Thus it is difficult to the situation that field contents is representative value is tested.Therefore, example two carries
The generation method of confession can be supplemented as the one of example one method so that the coverage of the method test that the present invention provides is more
Greatly, thus improve the effectiveness of test.
Example three, represent element identifier (element ID) field, function code field and data field length by variable field is used for
Length field is set to preset value, to any one in element identifier (element ID) field, function code field and data field or a combination thereof
Carrying out making a variation and lengthening or compress physical length, to generate, physical length is unmatched with the preset value of length field tests use
Example.The most still as a example by the function code of read-write multiregister, as shown in table 2, for the function code of read-write multiregister,
The length value of element identifier (element ID), function code and data field length is 11+N*2 byte.The effect of length value here is to refer to
Showing the length of message, transmit even if message is divided into multiple information bag, length information can make recipient identify message boundaries.
Lengthen if any one in element identifier (element ID) field, function code field and data field or a combination thereof are made a variation or
Compression physical length, makes physical length not be inconsistent with the length value of above-mentioned setting, then can generate the test case that length is abnormal.?
In this case, recipient cannot correctly identify the message boundaries of reality, arises that reception is abnormal, such that it is able to different to length
Normal situation is tested.
It is understood that above-mentioned this method is primarily directed to the situation of Prescribed Properties, the such as length in packet
Degree field refers to the length of subsequent byte in Modbus agreement stipulations, needs just to can determine that according to byte length result of calculation,
And when the value being deliberately lengthened or shortened Modbus packet and length field is fixed, without to constraint in target program
Condition carries out fault-tolerant, is easy for ging wrong, such that it is able to test such situation.
In sum, which partial words is the present invention, about how selecting the variation of remaining at least some of field, select the most on earth
Duan Jinhang makes a variation:
Function code is classified as the first order, different function codes follow-up with field different;
For each function code, follow-up with field different, more specifically determine which field is immutable and variable;Can not
Mutilation section keeps constant, and for variable field:
Can all make a variation, i.e. second level classification, advantage is that test is comprehensive, as described in example one;
Some field can also be selected to take preset value in its span, as described in example two;
Some field can also be selected to take preset value according to restrictive relation, such as length.Which field is specifically selected to set pre-
If value is exactly third level classification.
So test case can present the distribution as tree structure according to these three grades of classification.
Specifically, 10 function codes just have 10 one-level child nodes, to each one-level child node, according to the second fraction
Class, all can have the test case that variable field all makes a variation;
To each one-level child node, classify according to the third level, some field in variable field all can be had to take the survey of preset value
Try out example, and preset value can be to take preset value in its span, it is also possible to take preset value according to restrictive relation.
It should be noted that the variation in said method embodiment all can be realized by multiple random algorithm, at random
Algorithm can include that Numerical Boundary makes a variation, and data element deletes variation, and data element repeats variation, virtual value variation etc..For
Special character can be there to be special variation mode.Such as, in Frame containing character type field, except purely
Numerical value makes a variation, it is also possible to the variation data of structure character types, say, that deformity data genaration strategy specifically includes: integer type
Field is by arranging different particular values structure integer overflow type deformity packets;Character type field is different by arranging
Spcial character structure deformity packet, including use overlength character string for detect character string overflow, NULL end mark disappearance
Illegal string, format string etc..It is, of course, also possible to include other variation types, this is not especially limited by the present invention.
Understandable, the illustration in said method embodiment is only to facilitate be more fully understood that the present invention is real
Execute the generation method of the test case that example provides, the concrete restriction to the present invention can not be constituted.And above-mentioned each is the most real
Executing and will not influence each other between mode, the scheme obtained by combination in any between each preferred implementation all should fall into this
The protection domain of invention.
Additionally, in the specific implementation, the generation method of the test case that the present embodiment provides all can use fuzz testing
Framework generates the file that the test case data for a certain function defines.Preferably, test case is to comprise following label field
Xml document:
Wherein,
1) first order label<peach></Peach>including whole file, for version introduction etc..
2) second level label includes Include, DataModel, StateModel, Agent, Test, Run, wherein:
3) Include label field is used for comprising external file, containing the basic skills of fuzz testing framework, class, data class
Type etc..
4) DataModel label field is used for definition data structure, can also have some levels, several subordinate mark under this label
Sign.Use these subtabs can be relatively easy to define data type, size, the relation between each data block, and
CRC check and etc..Furthermore, it is possible to define multiple DataModel, relation between multiple DataModel, can be had not have
Relation.
5) StateModel label field is for defining the logic of test, is effectively equivalent to a state machine.Subordinate's label
Including State for representing a state, each State can comprise again several Action labels, be used for performing transmission
The order of packet etc.
6) Agent label field is used for detecting exception, crash etc., is i.e. used for monitoring the reaction of measured target.
7) Test label field is for specifying the state that will use, Agent, publisher etc., how to send out
Data, also may specify and make how process data.
8) inlet point that Run label field performs for specifying fuzz testing, which i.e. current current fuzz testing uses
Test。
Certainly, a kind of optional embodiment of the generation method of above-mentioned Data Definitions File, it is also possible to by its other party
Formula generates, and this is not especially limited by the present invention.
For proving the superiority of the present invention, the present invention has done a series of test experiments.The most still deposit with read-write more
As a example by the function code of device, the method provided based on example one, keep function code constant, keep reading amount field, writing initial address
Field, write amount field, content that joint number of writing field comprises constant, origing address field (OAF) and the genus of write value field will be read
Property be variation be true, equipment under test before receiving test case and receive the state after test case can be such as Fig. 2-Fig. 4
Shown in.
Obviously, as in figure 2 it is shown, equipment under test is not when receiving test case, it is possible to normally set up TCP and connect, place
In normal packet capturing state.Once receive test case, exception will occur as shown in Figure 3, it is impossible to set up TCP and connect,
And server end does not responds to TCP yet and connects.Accordingly, the ON that the communication connected state of TCP is also illustrated from Fig. 4 (a) becomes Fig. 4
B OFF that () illustrates, such that it is able to carry out effective leak test to this function.
It should be noted that in order to be able to generate the test case that coverage rate is high, except the function of above-mentioned read-write multiregister
Code, it is also possible to other function codes are analyzed by the method provided based on said method embodiment, generate the survey of other function codes
Example on probation.The different field interested that simultaneously can also be for every kind of function code is tested, the leak having found that it is likely that, here
Not enumerating, table 3 is for causing the statistical table of mistake after difference in functionality code test different field.
The statistical table of mistake is caused after table 3 difference in functionality code test different field
Second aspect, the invention provides a kind of Test cases technology device, the method provided with first aspect present invention
Correspondence, for generating the test case of test Modbus agreement stipulations, as it is shown in figure 5, include:
Function code selects unit 501, for choosing one as objective function code in several function codes prestored;Its
In, several function codes, for several functions corresponding to the packet performing difference in functionality operation of Modbus agreement regulation
Code;
Acquiring unit 502, for specifying according to Modbus agreement, obtains in the packet corresponding with objective function code each
The definition of field;
Field selects variation unit 503, is used for choosing in function code field and each field for controlling test case
The field of communication function is as immutable field, using remaining field as variable field;Immutable field is set to preset value,
So that test case support communicates based on Modbus agreement;At least one field in variable field is become at random
Different, to generate the test case that the definition with at least one field is not inconsistent or data setting is not inconsistent.
In the specific implementation, field selects variation unit 503, is additionally operable to: carry out the data of all variable fields at random
Variation, the test case not being inconsistent with the definition generated with variable field data.
In the specific implementation, field selects variation unit 503, is additionally operable to: by the number of a part of field in variable field
According to being set to preset value seriatim or in combination, preset value include the maximum in the span of field definition, minima or
Intermediate value;The data of another part field in variable field are carried out random value variation, to generate and another part field
The test case that the definition of data is not inconsistent.
In the specific implementation, field selects variation unit 503, is additionally operable to: represent unit marks by being used in variable field
The length field of symbol field, function code field and data field length is set to preset value, to element identifier (element ID) field, function code
Any one or a combination thereof in field and data field carry out making a variation and lengthening or compress physical length, to generate physical length
The unmatched test case with the preset value of length field.
In the specific implementation, random variation here includes that data element deletes variation, and data element repeats variation, effectively
Value variation, or the Numerical Boundary variation in the numerical range of each field definition.
The Test cases technology device introduced due to the present embodiment is that the test that can perform in the embodiment of the present invention is used
Example generates the device of method, so method based on the Test cases technology described in the embodiment of the present invention, belonging to this area
Technical staff will appreciate that detailed description of the invention and its various versions, the institute of the Test cases technology device of the present embodiment
The most detailed with the method for generating test case that how to realize in the embodiment of the present invention for this Test cases technology device at this
Introduce.As long as those skilled in the art implement the device that method for generating test case in the embodiment of the present invention is used, all
Belong to the scope that the application to be protected.
Algorithm and display are not intrinsic to any certain computer, virtual system or miscellaneous equipment relevant provided herein.
Various general-purpose systems can also be used together with based on teaching in this.As described above, construct required by this kind of system
Structure be apparent from.Additionally, the present invention is also not for any certain programmed language.It is understood that, it is possible to use various
Programming language realizes the content of invention described herein, and the description done language-specific above is to disclose this
Bright preferred forms.
In description mentioned herein, illustrate a large amount of detail.It is to be appreciated, however, that the enforcement of the present invention
Example can be put into practice in the case of not having these details.In some instances, it is not shown specifically known method, structure
And technology, in order to do not obscure the understanding of this description.
Similarly, it will be appreciated that one or more in order to simplify that the disclosure helping understands in each inventive aspect, exist
Above in the description of the exemplary embodiment of the present invention, each feature of the present invention is grouped together into single enforcement sometimes
In example, figure or descriptions thereof.But, the method for the disclosure should not be construed to reflect an intention that i.e. required guarantor
The application claims feature more more than the feature being expressly recited in each claim protected.More precisely, as following
Claims reflected as, inventive aspect is all features less than single embodiment disclosed above.Therefore,
The claims following detailed description of the invention are thus expressly incorporated in this detailed description of the invention, the most each claim itself
All as the independent embodiment of the present invention.
Those skilled in the art are appreciated that and can carry out the module in the equipment in embodiment adaptively
Change and they are arranged in one or more equipment different from this embodiment.Can be the module in embodiment or list
Unit or assembly are combined into a module or unit or assembly, and can put them in addition multiple submodule or subelement or
Sub-component.In addition at least some in such feature and/or process or unit excludes each other, can use any
Combine all features disclosed in this specification (including adjoint claim, summary and accompanying drawing) and so disclosed appoint
Where method or all processes of equipment or unit are combined.Unless expressly stated otherwise, this specification (includes adjoint power
Profit requires, summary and accompanying drawing) disclosed in each feature can be carried out generation by providing identical, equivalent or the alternative features of similar purpose
Replace.
Although additionally, it will be appreciated by those of skill in the art that embodiments more in this include institute in other embodiments
Including some feature rather than further feature, but the combination of the feature of different embodiment means to be in the scope of the present invention
Within and form different embodiments.Such as, in the following claims, embodiment required for protection any it
One can mode use in any combination.
The all parts embodiment of the present invention can realize with hardware, or to run on one or more processor
Software module realize, or with combinations thereof realize.It will be understood by those of skill in the art that and can use in practice
Microprocessor or digital signal processor (DSP) realize in gateway according to embodiments of the present invention, proxy server, system
The some or all functions of some or all parts.The present invention is also implemented as performing side as described herein
Part or all equipment of method or device program (such as, computer program and computer program).Such
The program realizing the present invention can store on a computer-readable medium, or can have the shape of one or more signal
Formula.Such signal can be downloaded from internet website and obtain, or provides on carrier signal, or with any other shape
Formula provides.
The present invention will be described rather than limits the invention to it should be noted above-described embodiment, and ability
Field technique personnel can design alternative embodiment without departing from the scope of the appended claims.In the claims,
Any reference marks that should not will be located between bracket is configured to limitations on claims.Word " comprises " and does not excludes the presence of not
Arrange element in the claims or step.Word "a" or "an" before being positioned at element does not excludes the presence of multiple such
Element.The present invention and can come real by means of including the hardware of some different elements by means of properly programmed computer
Existing.If in the unit claim listing equipment for drying, several in these devices can be by same hardware branch
Specifically embody.Word first, second and third use do not indicate that any order.These word explanations can be run after fame
Claim.
Claims (10)
1. a method for generating test case, it is characterised in that for generating the test case for Modbus agreement, described side
Method includes:
One is chosen as objective function code in several function codes prestored;Wherein, several function codes described, for
Several function codes corresponding to packet performing difference in functionality operation of Modbus agreement regulation;
Specify according to Modbus agreement, obtain the definition of each field in the packet corresponding with described objective function code;
Choose for controlling the field of test case communication function as immutable field in function code field and each field,
Using remaining field as variable field;Described immutable field is set to preset value so that described test case support based on
Modbus agreement communicates;At least one field in described variable field is carried out random variation, with generate with described extremely
The definition of a few field is not inconsistent or data arrange the test case not being inconsistent.
Method the most according to claim 1, it is characterised in that described at least one field in described variable field is entered
Row random variation, to generate the step of the test case that the definition with at least one field described is not inconsistent or data setting is not inconsistent,
Including:
The data of all variable fields are carried out random variation, the test not being inconsistent with the definition generated with described variable field data
Use-case.
Method the most according to claim 1, it is characterised in that described at least one field in described variable field is entered
Row random variation, to generate the step of the test case that the definition with at least one field described is not inconsistent or data setting is not inconsistent,
Including:
The data of a part of field in described variable field are set to preset value, described preset value bag seriatim or in combination
Include the maximum in the span of described field definition, minima or intermediate value;
The data of another part field in described variable field are carried out random value variation, to generate and described another part
The test case that the definition of field data is not inconsistent.
Method the most according to claim 1, it is characterised in that described at least one field in described variable field is entered
Row random variation, to generate the step of the test case that the definition with at least one field described is not inconsistent or data setting is not inconsistent,
Including:
Element identifier (element ID) field, function code field and the length field of data field length is represented by described variable field is used for
It is set to preset value, any one in described element identifier (element ID) field, function code field and data field or a combination thereof are carried out
Making a variation and lengthen or compression physical length, to generate, physical length is unmatched with the preset value of described length field tests use
Example.
5. according to the arbitrary described method of claim 1-4, it is characterised in that described random variation includes that data element is deleted and becomes
Different, data element repeats variation, and virtual value makes a variation, or the Numerical Boundary variation in the numerical range of each field definition.
6. a Test cases technology device, it is characterised in that for generating the test case for Modbus agreement, described dress
Put and include:
Function code selects unit, for choosing one as objective function code in several function codes prestored;Wherein, described
Several function codes, for several function codes corresponding to the packet performing difference in functionality operation of Modbus agreement regulation;
Acquiring unit, for specifying according to Modbus agreement, obtains each word in the packet corresponding with described objective function code
The definition of section;
Field selects variation unit, is used for choosing in function code field and each field for controlling test case communication function
Field as immutable field, using remaining field as variable field;Described immutable field is set to preset value, so that
Described test case support communicates based on Modbus agreement;At least one field in described variable field is carried out at random
Variation, to generate the test case that the definition with at least one field described is not inconsistent or data setting is not inconsistent.
Device the most according to claim 6, it is characterised in that
Described field selects variation unit, is additionally operable to the data of all variable fields are carried out random variation, to generate with described
The test case that the definition of variable field data is not inconsistent.
Device the most according to claim 6, it is characterised in that described field selects variation unit, is additionally operable to:
The data of a part of field in described variable field are set to preset value, described preset value bag seriatim or in combination
Include the maximum in the span of described field definition, minima or intermediate value;
The data of another part field in described variable field are carried out random value variation, to generate and described another part
The test case that the definition of field data is not inconsistent.
Device the most according to claim 6, it is characterised in that described field selects variation unit, is additionally operable to:
Element identifier (element ID) field, function code field and the length field of data field length is represented by described variable field is used for
It is set to preset value, any one in described element identifier (element ID) field, function code field and data field or a combination thereof are carried out
Making a variation and lengthen or compression physical length, to generate, physical length is unmatched with the preset value of described length field tests use
Example.
10. according to the arbitrary described device of claim 6-9, it is characterised in that described random variation includes that data element is deleted
Variation, data element repeats variation, and virtual value makes a variation, or the Numerical Boundary variation in the numerical range of each field definition.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610697317.4A CN106330601A (en) | 2016-08-19 | 2016-08-19 | Test case generating method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610697317.4A CN106330601A (en) | 2016-08-19 | 2016-08-19 | Test case generating method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106330601A true CN106330601A (en) | 2017-01-11 |
Family
ID=57741152
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610697317.4A Pending CN106330601A (en) | 2016-08-19 | 2016-08-19 | Test case generating method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106330601A (en) |
Cited By (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106788480A (en) * | 2017-03-20 | 2017-05-31 | 上海资誉电子科技有限公司 | The winged control signal testing method and system of unmanned plane |
| CN107193731A (en) * | 2017-05-12 | 2017-09-22 | 北京理工大学 | Use the fuzz testing coverage rate improved method of control variation |
| CN107404487A (en) * | 2017-08-07 | 2017-11-28 | 浙江国利信安科技有限公司 | A kind of industrial control system safety detection method and device |
| CN107517199A (en) * | 2017-07-14 | 2017-12-26 | 国家电网公司 | A kind of method for generating test case and system for being used for 376.1 protocol security defects detections |
| CN109922063A (en) * | 2019-03-05 | 2019-06-21 | 南方电网科学研究院有限责任公司 | The dirty data creation method of multifunction electric meter communication protocol fuzz testing |
| CN110597734A (en) * | 2019-09-23 | 2019-12-20 | 电子科技大学 | Fuzzy test case generation method suitable for industrial control private protocol |
| CN112055003A (en) * | 2020-08-26 | 2020-12-08 | 上海电力大学 | Method for generating private protocol fuzzy test case based on byte length classification |
| CN112104634A (en) * | 2020-09-08 | 2020-12-18 | 中国电力科学研究院有限公司 | Data message processing method, system, equipment and readable storage medium |
| CN112422485A (en) * | 2019-08-23 | 2021-02-26 | 北京东土科技股份有限公司 | Communication method and device of transmission control protocol |
| CN113179274A (en) * | 2021-04-29 | 2021-07-27 | 哈尔滨工程大学 | Modbus protocol vulnerability mining method based on dynamic taint analysis |
| CN113986712A (en) * | 2021-09-10 | 2022-01-28 | 深圳开源互联网安全技术有限公司 | Fuzzy test method and device based on HTTP/2 |
| CN114063606A (en) * | 2022-01-13 | 2022-02-18 | 浙江大学 | PLC protocol fuzzy test method and device, electronic equipment and storage medium |
| CN115766541A (en) * | 2022-11-15 | 2023-03-07 | 合众新能源汽车有限公司 | Device testing method, device, computer equipment and storage medium |
| CN117216772A (en) * | 2023-11-09 | 2023-12-12 | 中兴通讯股份有限公司 | Fuzzy test case optimization method, device, equipment and readable medium |
| CN117792967A (en) * | 2024-02-26 | 2024-03-29 | 南京邮电大学 | Camera fuzzy test method based on difference feedback |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2010287034A (en) * | 2009-06-11 | 2010-12-24 | Koyo Electronics Ind Co Ltd | Address display system of modbus protocol communication between external equipment and plc |
| CN102437952A (en) * | 2012-01-29 | 2012-05-02 | 山东黄金矿业(莱州)有限公司焦家金矿 | Method for managing multi-variety Modbus protocol message |
| CN103853650A (en) * | 2012-11-28 | 2014-06-11 | 西门子公司 | Test case generating method and device for fuzz testing |
| CN105721230A (en) * | 2014-11-30 | 2016-06-29 | 中国科学院沈阳自动化研究所 | Modbus protocol-oriented fuzz testing method |
| CN105827469A (en) * | 2014-12-29 | 2016-08-03 | 国家电网公司 | MODBUS TCP implementation defect tester and detection method thereof |
-
2016
- 2016-08-19 CN CN201610697317.4A patent/CN106330601A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2010287034A (en) * | 2009-06-11 | 2010-12-24 | Koyo Electronics Ind Co Ltd | Address display system of modbus protocol communication between external equipment and plc |
| CN102437952A (en) * | 2012-01-29 | 2012-05-02 | 山东黄金矿业(莱州)有限公司焦家金矿 | Method for managing multi-variety Modbus protocol message |
| CN103853650A (en) * | 2012-11-28 | 2014-06-11 | 西门子公司 | Test case generating method and device for fuzz testing |
| CN105721230A (en) * | 2014-11-30 | 2016-06-29 | 中国科学院沈阳自动化研究所 | Modbus protocol-oriented fuzz testing method |
| CN105827469A (en) * | 2014-12-29 | 2016-08-03 | 国家电网公司 | MODBUS TCP implementation defect tester and detection method thereof |
Non-Patent Citations (2)
| Title |
|---|
| 万明;尚文利;曾鹏;赵剑明;: "基于功能码深度检测的Modbus/TCP通信访问控制方法", 信息与控制, no. 02, 15 April 2016 (2016-04-15), pages 124 - 132 * |
| 李航;董伟;朱广宇;: "基于Fuzzing测试的工业控制协议漏洞挖掘技术研究", 电子技术应用, no. 07, 12 July 2016 (2016-07-12), pages 85 - 88 * |
Cited By (24)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106788480A (en) * | 2017-03-20 | 2017-05-31 | 上海资誉电子科技有限公司 | The winged control signal testing method and system of unmanned plane |
| CN107193731B (en) * | 2017-05-12 | 2020-10-27 | 北京理工大学 | Fuzzy test coverage improvement method using control variation |
| CN107193731A (en) * | 2017-05-12 | 2017-09-22 | 北京理工大学 | Use the fuzz testing coverage rate improved method of control variation |
| CN107517199A (en) * | 2017-07-14 | 2017-12-26 | 国家电网公司 | A kind of method for generating test case and system for being used for 376.1 protocol security defects detections |
| CN107404487A (en) * | 2017-08-07 | 2017-11-28 | 浙江国利信安科技有限公司 | A kind of industrial control system safety detection method and device |
| CN107404487B (en) * | 2017-08-07 | 2020-07-21 | 浙江国利网安科技有限公司 | Industrial control system safety detection method and device |
| CN109922063A (en) * | 2019-03-05 | 2019-06-21 | 南方电网科学研究院有限责任公司 | The dirty data creation method of multifunction electric meter communication protocol fuzz testing |
| CN112422485B (en) * | 2019-08-23 | 2023-05-26 | 北京东土科技股份有限公司 | Communication method and device of transmission control protocol |
| CN112422485A (en) * | 2019-08-23 | 2021-02-26 | 北京东土科技股份有限公司 | Communication method and device of transmission control protocol |
| CN110597734B (en) * | 2019-09-23 | 2021-06-01 | 电子科技大学 | Fuzzy test case generation method suitable for industrial control private protocol |
| CN110597734A (en) * | 2019-09-23 | 2019-12-20 | 电子科技大学 | Fuzzy test case generation method suitable for industrial control private protocol |
| CN112055003B (en) * | 2020-08-26 | 2022-12-23 | 上海电力大学 | Method for generating private protocol fuzzy test case based on byte length classification |
| CN112055003A (en) * | 2020-08-26 | 2020-12-08 | 上海电力大学 | Method for generating private protocol fuzzy test case based on byte length classification |
| CN112104634A (en) * | 2020-09-08 | 2020-12-18 | 中国电力科学研究院有限公司 | Data message processing method, system, equipment and readable storage medium |
| CN113179274A (en) * | 2021-04-29 | 2021-07-27 | 哈尔滨工程大学 | Modbus protocol vulnerability mining method based on dynamic taint analysis |
| CN113179274B (en) * | 2021-04-29 | 2022-05-20 | 哈尔滨工程大学 | Modbus protocol vulnerability mining method based on dynamic taint analysis |
| CN113986712A (en) * | 2021-09-10 | 2022-01-28 | 深圳开源互联网安全技术有限公司 | Fuzzy test method and device based on HTTP/2 |
| CN114063606A (en) * | 2022-01-13 | 2022-02-18 | 浙江大学 | PLC protocol fuzzy test method and device, electronic equipment and storage medium |
| CN115766541A (en) * | 2022-11-15 | 2023-03-07 | 合众新能源汽车有限公司 | Device testing method, device, computer equipment and storage medium |
| CN115766541B (en) * | 2022-11-15 | 2024-05-07 | 合众新能源汽车股份有限公司 | Device testing method, device, computer equipment and storage medium |
| CN117216772A (en) * | 2023-11-09 | 2023-12-12 | 中兴通讯股份有限公司 | Fuzzy test case optimization method, device, equipment and readable medium |
| CN117216772B (en) * | 2023-11-09 | 2024-03-08 | 中兴通讯股份有限公司 | Fuzzy test case optimization method, device, equipment and readable medium |
| CN117792967A (en) * | 2024-02-26 | 2024-03-29 | 南京邮电大学 | Camera fuzzy test method based on difference feedback |
| CN117792967B (en) * | 2024-02-26 | 2024-05-10 | 南京邮电大学 | Camera fuzzy test method based on difference feedback |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106330601A (en) | Test case generating method and device | |
| US10122741B2 (en) | Non-harmful insertion of data mimicking computer network attacks | |
| CN101964025B (en) | XSS detection method and equipment | |
| US11218510B2 (en) | Advanced cybersecurity threat mitigation using software supply chain analysis | |
| CN102833258B (en) | Network address access method and system | |
| CN103065091B (en) | Reduce with malware detection expanding system | |
| CN110084039A (en) | Frame for the coordination between endpoint security and Network Security Service | |
| CN107003976A (en) | Based on active rule can be permitted determine that activity can be permitted | |
| CN104301302A (en) | Unauthorized attack detection method and device | |
| CN103036730A (en) | Method and device for achieving safety testing on protocol implementation | |
| CN103853650A (en) | Test case generating method and device for fuzz testing | |
| CN106796635A (en) | Determining device, determine method and determination program | |
| CN106384048A (en) | Threat message processing method and device | |
| CN105164691A (en) | Optimizing test data payload selection for testing computer software applications using computer networks | |
| Savola et al. | A visualization and modeling tool for security metrics and measurements management | |
| CN105335310A (en) | Interface defining method, and data transmission method and apparatus | |
| CN103001946A (en) | Website security detection method, website security detection equipment and website security detection system | |
| CN102624574A (en) | Security testing method and device for protocol implementation | |
| CN108520177A (en) | Application software management method, device, mobile terminal and readable storage medium storing program for executing | |
| US10823782B2 (en) | Ensuring completeness of interface signal checking in functional verification | |
| CN111949531A (en) | Block chain network testing method, device, medium and electronic equipment | |
| CN105516390A (en) | Method and device for managing domain name | |
| CN113282971B (en) | Processing method, device, equipment and storage medium of test log | |
| CN104375935A (en) | Method and device for testing SQL injection attack | |
| CN105515882A (en) | Website security detection method and website security detection device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination |