Security testing

ESCUDO-CLOUD developed an innovative approach to conduct testing over the security lifecycle (see figure) of Cloud systems (e.g., OpenStack, Amazon EC2) by ascertaining the compliance of security Service Level Objectives (SLOs).

sectest 1

The approach, termed C’Mon, developed a compliance monitoring framework (see figure) via the direct and indirect monitoring of Cloud services.

sectest 2

Additionally, Cloud services typically entail concurrent processes and multi-threaded software with characteristic non-deterministic execution behavior. Consequently, the classical testing techniques that are build around deterministic single-threaded behavior need to be extended. ESCUDO-CLOUD developed approaches spanning experimental (termed Invariant Propagation Analysis) and formal (Iterative Relaxed Scheduling) testing facets. In addition, ESCUDO-CLOUD also developed open-source testing support tools as GRINDER (Customizable Test Harness) and PAIN (tunability of parallelism for accuracy and throughput). The project also developed techniques for application level verification developing solutions for testing VM and container integrity that were applied to ESCUDO-CLOUD’s Shuffle Index experiments.

sectest 3

Related Publications