【作者】 马艳；

【导师】 祝跃飞；

【作者基本信息】 解放军信息工程大学 ， 计算机软件与理论， 2010， 硕士

【摘要】 为保证IPSec协议产品能够提供其声称的安全服务功能,需要对其进行协议测试。目前,在IPSec协议一致性测试方面存在测试集覆盖度不完备、测试序列冗余、测试用例执行效率低等问题。本文从测试集优化和测试过程优化两方面对IPSec协议测试优化技术进行了研究,针对上述问题分别提出了有效的解决方案。首先,针对测试集覆盖度不完备、测试序列冗余的问题,采用有限状态机FSM模型为IPSec协议进行形式化建模;在得到的数学模型的基础上,采用BUIO方法生成测试序列;在测试用例设计时,采用等价类划分法和边界值分析法进行参数选择。通过依赖数学模型进行测试序列的完备生成和借鉴黑盒测试用例设计方法进行参数选择,从两个层次保证了IPSec协议测试集较为完备的覆盖度;采用BUIO方法生成测试序列,缩短了测试序列长度,提高了测试执行时的效率。其次,针对测试用例执行过程中存在的问题,提出基于层次结构的IPSec协议测试过程优化方案,按层次执行测试用例,并利用执行结果对后续测试进行指导。该方案解决了测试过程中由于忽略测试用例之间的联系而导致的执行效率低,无法达到理想的实际测试覆盖度的问题,在测试过程中提高了测试效率,扩大了实际测试范围。再次,针对不能根据协议本身进行明显层次结构划分的协议,对基于层次结构的IPSec协议测试过程优化方案进行扩展,提出了采用测试用例间的依赖性进行层次划分的方法。该方法可适用于大多数的协议测试,减少不一致性传播问题对协议测试带来的影响。最后,采用B/S模式的测试架构和模块化编程思想建立测试系统,搭建了测试平台,通过测试实践,验证了测试优化效果。更多还原

【Abstract】 To ensure the products of IPSec protocol can provide the security services they claimed, the IUTs need test. At present, IPSec protocol conformance testing has some problems such as the coverage of test suite is not complete; test sequence has redundancy and so on. To solve these problems, in this thesis, optimization on IPSec protocol test techonology has been studied.Firstly, on the basis of study on formal description technique, FSM is adopted as the formal model to describe IPSec protocol. BUIO method is adopted to generate test sequences. Generating test sequence based on FSM model can ensure the completeness by making the complete transformation of the model; then equivalence class partition method and boundary value analysis method are adopted to choose test parameters which can ensure the completeness of value choosing as much as possible. Meanwhile, the test sequences generated by BUIO method reduced the redundancy part of test sequences generated by UIO methods. Secondly, test process optimization is studied which is aimed at problems such as the low efficiency of test case execution, and the real coverage is not achieved which are caused by ignoring the relation between test cases. On the basis of research on the characteristics of IPSec, a hierarchy-based process optimization method has been proposed in this thesis to solve the two problems.At the same time, a promotion method of the IPSec hierarchy-based process optimization method has been proposed which can apply to common protocol test procedure optimization.Finally, Test platform is constructed and test practice is carried out, which proved the validation of the test suite optimization and test procedure optimization.更多还原