Posted on by Achim D. Brucker, licensed under CC BY-ND 4.0.

Incorporating Data into EFSM Inference

Models are an important way of understanding software systems. If they do not already exist, then we need to infer them from system behaviour. Most current approaches infer classical FSM models that do not consider data, thus limiting applicability. EFSMs provide a way to concisely model systems with an internal state but existing inference techniques either do not infer models which allow outputs to be computed from inputs, or rely heavily on comprehensive white-box traces that reveal the internal program state, which are often unavailable.

In our SEFM paper [1], we present an approach for inferring EFSM models, including functions that modify the internal state. Our technique uses black- box traces which only contain information visible to an external observer of the system. We implemented our approach as a prototype.


M. Foster, A. D. Brucker, R. G. Taylor, S. North, and J. Derrick, “Incorporating data into EFSM inference,” in Software engineering and formal methods (SEFM), P. C. Ölveczky and G. Salaün, Eds. Heidelberg: Springer-Verlag, 2019, pp. 257–272. doi: 10.1007/978-3-030-30446-1_14.

Welcome to the blog of the Software Assurance & Security Research Team at the University of Exeter. We blog regularly news, tips & tricks, as well as fun facts about software assurance, reliability, security, testing, verification, hacking, and logic.

You can also follow us on Twitter: @logicalhacking.




academia ai android apidesign appsec bitcoin blockchain bpmn browser browserextensions browsersecurity bug certification chrome composition cordova dast devops devsecops dom dsbd efsm epsrc event extensions fixeffort floss formaldocument formalmethods funding hol-ocl hol-testgen humanfactor hybridapps iast industry internetofthings iot isabelle/hol isabelledof isadof latex logic maintance malicous mbst mobile mobile apps modelinference modeling monads monitoring msc ocl ontology opensource owasp patches pet phd phdlife phishing policy protocols publishing reliability research safelinks safety sap sast sdlc secdevops secureprogramming security securityengineering securitytesting semantics servicecomposition skills smartcontract smartthings softwareeinginering softwaresecurity softwaresupplychain solidity staff&positions statemachine studentproject tcb test&proof testing tips&tricks tools transport tuos uk uoe upgrade usability verification vulnerabilities vulnerableapplication webinar websecurity


blog whole site