PhD Thesis: "A Pattern-Driven and Model-Based Vulnerability Testing Approach for Web Applications"
Advisors: Prof. Bruno Legeard and Dr. Fabien Peureux
My thesis is about an original security testing approach guided by risk assessment, by means of risk coverage, to perform and automate vulnerability testing for Web applications. This approach, called Pattern-driven and Model-Based Vulnerability Testing, adapts Model-Based Testing techniques, which are currently mostly used to address functional features. It also extends Model-Based Vulnerability Testing techniques by driving the testing process using security test patterns selected from risk assessment results. The adaptation of such techniques for Vulnerability Testing defines novel features in this research domain.