Conformance testing automation for transport layer security protocol TLS

Conference «Tools & Methods of Program Analysis – 2013»

TLS protocol is widely used to protect data exchange between clients and servers in various scenarios: while browsing Internet, sending and receiving e-mails, establishing VPN, etc. There are dozens implementations in the market at the moment; such as, ensuring interoperability is highly important. Incompatibility between two implementations might result in disconnection or even disclosure of sensitive data. Conformance testing is the primary tool to ensure interoperability between implementations of a protocol. The paper presents a model-based approach to conformance testing of TLS implementations. It discusses the formal model of TLS protocol, the structure of the test suite. We applied the test suite to a several popular implementations of TLS, and present brief results. The paper concludes with discussion of the directions for future research.