1 \subsection{Preflight checklist
}
2 Before actual certification is commenced we perform a manual test using a
4 If any of the checks fail we immediately reject the product.
5 The checklist is given in the table below. All commands in
\texttt{monospace
}
6 are to be run in a terminal. Commands prefixed with a
\texttt{\#
} should be run
7 with root permissions. Commands prefixed with a
\texttt{\$
} should be run with
10 \begin{longtable
}{|l|rp
{.8\linewidth}|
}
12 Check
1 &
\multicolumn{2}{l|
}{Get the SUT in a workable state.
}\\
14 \multirow{3}{*
}{Course of action
}
15 &
1. & Import the VirtualBox image into VirtualBox.\\
17 &
3. & Verify the SUT booted successfully and the network modules are
20 Passed &
\multicolumn{2}{l|
}{\textit{Yes/No
}}\\
22 Check
2 &
\multicolumn{2}{l|
}{Verify the SUT is complete.
}\\
24 \multirow{5}{*
}{Course of action
}
25 &
1. & Boot the SUT as in
\emph{Check
1}.\\
26 &
2. & Verify the loopback device exists by running
27 \texttt{\$ ifconfig
}.\\
28 &
3. & Verify the
\emph{echo-server
} is present on the system by running
29 \texttt{\$ file code/server/Main.java
}\\
30 &
4. & Verify
\emph{Scapy
} is present on the system by running
32 &
5. & Verify all scripts used for testing are present on the system.\\
34 Passed &
\multicolumn{2}{l|
}{\textit{Yes/No
}}\\
36 Check
3 &
\multicolumn{2}{l|
}{Initialize the testing environment..
}\\
38 \multirow{5}{*
}{Course of action
}
39 &
1. & Boot the SUT as in
\emph{Check
1}.\\
40 &
2. & Setup iptables by executing
41 \texttt{\# code/iptables.sh
}~
\footnote{The IPTables script ensures
42 that the OS does not drop packets due to an the unknown source.
}\\
43 &
3. & Navigate to the working directory by running
44 \texttt{\$ cd /home/student/tt2015
}\\
45 &
4. & Compile the echo server by running
46 \texttt{\# cd code/server \&\& make \&\& cd -
}\\
47 &
5. & Start the echo server by running
48 \texttt{\# cd code/server \&\& java Main
}\\
50 Passed &
\multicolumn{2}{l|
}{\textit{Yes/No
}}\\
52 Check
4 &
\multicolumn{2}{l|
}{Test the tool environment.
}\\
54 \multirow{3}{*
}{Course of action
}
55 &
1. & Initialize the SUT as in
\emph{Check
3}\\
56 &
2. & Execute the test script by running
57 \texttt{\# code/client/helloworld.py
}\\
58 &
3. & Verify the console displays a success message.\\
60 Passed &
\multicolumn{2}{l|
}{\textit{Yes/No
}}\\
62 Check
5 &
\multicolumn{2}{l|
}{All test inputs and scripts are present.
}\\
64 \multirow{2}{*
}{Course of action
}
65 &
1. & Boot the SUT as in
\emph{Check
1}.\\
66 &
2. & Verify that the test generation script is present by running
67 \texttt{\$ file code/client/test.py
}\\
69 Passed &
\multicolumn{2}{l|
}{\textit{Yes/No
}}\\
71 \caption{Preflight checklist
\label{tbl:preflight
}}
74 \subsection{Testing of SUT
}
75 The SUT is a series of services for other computer programs with no end-user
76 facing interface. Therefore the SUT will be tested solely by calling it's
77 services through various automated scripts. An automated test suite will be
78 available which executes all these automated scripts and aggregates their
79 results to asses whether or not the SUT has passed the test.
81 The implementation of the SUT is tested using black box testing techniques. A
82 series of tests asses the correctness of the implementation with regards to the
83 TCP specification. These tests are specified in Table~
\textbf{referentie naar
84 tests-tabel
}. The test cases aim to cover the most interesting parts of the TCP
87 To cover the TCP specification as complete as possible while still maintaining
88 a feasible test suite the tests are divided into equivalence partitions. Below
89 these partitions are given.
92 \item \emph{Number of segments
} in request~
\footnote{A request is
93 considered establishing a connection (handshake) and a number of
96 \item 0 payload segments
97 \item 1 payload segments
98 \item n=small payload segments (
1 byte)
99 \item n=big payload segments (
65495 bytes)
101 \item \emph{source port
}
106 \item \emph{destination port
}
111 \item Bit errors in
\emph{payload
}
113 \item Correct payload
114 \item Payload with bit flips that do not show in checksum
115 \item Payload with bit flips that do show in checksum
117 \item \emph{checksum
}
122 \item \emph{Packet order
}
126 \item Missing packets
130 These partitions were chosen since they correspond to key parts of the TCP
133 TCP segments are send over a TCP connection from a
\emph{source
} to a
\emph{destination port
}. Therefore segments which are received that have a
134 source or destination port set to an incorrect value should not be regarded
135 as segments belonging to the connection by the SUT.
137 TCP uses a
\emph{checksum
} to catch any error introduced in headers, when this
138 checksum does not match the actual computed checksum the SUT should
139 disregard the received segment.
141 The TCP checksum is also an inherently weak one, as it is simply the
142 bitwise negation of the addition, in ones complement arithmetic,
143 of all
16 bit words in the header and data of the segment (excluding the
144 checksum itself). Therefore any
\emph{bit error
} where the ones complement value
146 increases by one, and the value of another decreases by one, is undetected.
147 The SUT should exhibit the same behavior and accept packets where these type
150 TCP guarantees that segments are delivered
\emph{in order
}
151 ,even when they are received
152 out of order and that missing segments are resend. The SUT should
153 exhibit the same behavior. If segments are received out of order it should
154 either reassemble them when the missing packet has arrived or request them to
155 be resend when the Missing segments should be re-requested (by ACK-ing
156 the correct sequence number).
160 Partitions
2 to
6 are tested using pairwise testing to keep the number of test
161 cases feasible. The pairs are then all *except some where it does not make sense
162 to do so) tested with the different request sizes of partition
1.
164 This is expressed in Table~
\ref{table:testpairs
}.
168 \newcommand{\doTCC}{\theTCC \stepcounter{TCC
}}
171 \begin{tabular
}{|l|l|l|l|l|l|l|l|l|l|l|
}
173 &
\multicolumn{10}{c|
}{\textbf{Partition
}}\\
175 & \# &
4 &
5 &
3 &
6 &
2 &
1a &
1b &
1c &
1d\\
177 \multirow{9}{*
}{Instance
}
178 &
1 & a & a & a & a & a &
\doTCC &
\doTCC &
\doTCC &
\doTCC\\
179 &
2 & a & b & b & c & b &
\xmark &
\xmark &
\doTCC &
\doTCC\\
180 &
3 & c & a & b & a & b &
\xmark &
\xmark &
\doTCC &
\doTCC\\
181 &
4 & c & b & a & c & a &
\xmark &
\xmark &
\doTCC &
\doTCC\\
182 &
5 & b & a & b & c & a &
\xmark &
\xmark &
\doTCC &
\doTCC\\
183 &
6 & b & b & a & b & b &
\xmark &
\xmark &
\doTCC &
\doTCC\\
184 &
7 & c & b & b & a & b &
\doTCC &
\doTCC &
\doTCC &
\doTCC\\
185 &
8 & b & b & b & a & b &
\doTCC &
\doTCC &
\doTCC &
\doTCC\\
186 &
9 & a & b & b & b & a &
\xmark &
\xmark &
\doTCC &
\doTCC\\
189 \caption{Combinations of test cases
}
190 \label{table:testpairs
}
193 \subsection{Quality, completeness and coverage of tests
}
195 The network packets used in testing are constructed from prerecorded, known to
196 be correct, network traffic. These packets are then modified with well used and
197 field tested tools. Due to this the chance of errors in the test cases is quite
198 low. However, no formal proof of correctness of the test cases is present, this
199 means that any defects found might not be the result of a fault in the SUT.
200 Therefore detected defects should only indicate there is a high chance that
201 there is a fault in the SUT and can not result directly in the conclusion that
202 there actually is one.
206 Due to the nature of black-box testing coverage of the code in the
207 implementation of the SUT is unknown. However completeness of the tests over
208 the specification of the SUT can be assessed.
212 Due to the clear and exhaustive specification of TCP the completeness of the
213 test suite can be clearly assessed.
215 As always, $
100\%$ completeness is not feasible, therefore test cases are
216 carefully selected to cover the most interesting parts of the TCP specification
217 to ensure a test suite.
219 To further decrease the number of tests needed test cases are divided into
220 equivalence partitions and the combination of cases as described in
221 Table~
\ref{table:testpairs
} ensures that all partitions are
222 covered and the number of individual tests is still feasible.
226 % wat ik ook probeer ik krijg de eerste collum
227 % zijn tekst niet verticaal gecentered
231 \subsection{Test cases
}
233 Before every test case use the following steps to initialize the testing environment.
236 \item Boot the vm using VirtualBox.
237 \item Setup iptables by executing
\texttt{\# code/iptables.sh
}
238 \item Navigate to the working directory by running
\texttt{\$ cd /home/student/tt2015
}
239 \item Start the echo server by running
\texttt{\# cd code/server \&\& java Main
}
242 \begin{longtable
}{|p
{.2\linewidth}|p
{.8\linewidth}|
}
245 Title & Single valid request with
1byte payload. \\
\hline
246 Input & Generated packets. \\
\hline
247 Expected output & Packets echoed back by Echo-Server. \\
\hline
248 \multirow{2}{*
}{Course of action
}
249 &
1. Use the steps listed above in order to start the SUT. \\
250 &
2. Execute the script by running
\texttt{\# code/client/tests/
1.py
} \\
\hline
251 Valid trace & Verify that the script prints 'Success'. \\
\hline
255 Title & Single valid request with
65495bytes payload. \\
\hline
256 Input & Generated packets. \\
\hline
257 Expected output & Packets echoed back by Echo-Server. \\
\hline
258 \multirow{2}{*
}{Course of action
}
259 &
1. Use the steps listed above in order to start the SUT. \\
260 &
2. Execute the script by running
\texttt{\# code/client/tests/
2.py
} \\
\hline
261 Valid trace & Verify that the script prints 'Success'. \\
\hline
265 Title &
5 valid requests with
1byte payload. \\
\hline
266 Input & Generated packets. \\
\hline
267 Expected output & Packets echoed back by Echo-Server, in the same order as the client sent them. \\
\hline
268 \multirow{2}{*
}{Course of action
}
269 &
1. Use the steps listed above in order to start the SUT. \\
270 &
2. Execute the script by running
\texttt{\# code/client/tests/
3.py
} \\
\hline
271 Valid trace & Verify that the script prints 'Success'. \\
\hline
275 Title &
5 valid requests with
65495bytes payload. \\
\hline
276 Input & Generated packets with
65495bytes payload. \\
\hline
277 Expected output & Packets echoed back by Echo-Server, in the same order as the client sent them. \\
\hline
278 \multirow{2}{*
}{Course of action
}
279 &
1. Use the steps listed above in order to start the SUT. \\
280 &
2. Execute the script by running
\texttt{\# code/client/tests/
4.py
} \\
\hline
281 Valid trace & Verify that the script prints 'Success'. \\
\hline
285 Title &
5 valid requests with
1byte payload sent out of order. \\
\hline
286 Input & Generated packets with
1byte payload, two packets are swapped in position. \\
\hline
287 Expected output & All requests sent up to and including
288 the swapped packet with the lowest sequence number, the remaining packets are dropped. \\
\hline
289 \multirow{2}{*
}{Course of action
}
290 &
1. Use the steps listed above in order to start the SUT. \\
291 &
2. Execute the script by running
\texttt{\# code/client/tests/
5.py
} \\
\hline
292 Valid trace & Verify that the script prints 'Success'. \\
\hline
296 %\begin{tabularx}{\linewidth}{| l | X|}
299 %Title & Single valid request. \\\hline
300 %Input & Pcap file with prerecorded valid packets. \\\hline
301 %Expected output & Pcap file with valid response to request. \\\hline
302 %Course of action & \begin{enumerate}
303 % \item Execute \emph{./scripts/tests/case1-single-valid.sh}
304 % \item Load \emph{output/case1.pcap} with ...
305 %\end{enumerate} \\\hline
306 %Valid trace & \begin{enumerate}
307 % \item \textbf{Hier packets benoemen?}
308 %\end{enumerate} \\\hline
311 %\begin{tabularx}{\linewidth}{| l | X|}
314 %Title & Single request with corrupted checksum. \\\hline
315 % Input & Pcap file used as \emph{test-case 1} input. \\\hline
316 % Expected output & No response from SUT, logs with rejected packets. \\\hline
317 % Course of action & \begin{enumerate}
318 % \item Load input pcap file into ....
319 % \item Corrupt checksum of loaded packets.
320 % \item Save resulting packets as pcap file.
321 % \item Load new pcap file into ...
322 % \item Replay new pcap file.
323 % \item Record SUT response using...
324 % \item Extract log with rejected packets.
325 % \item Save recorded packets as a pcap file.
326 % \item Analyze packets in resulting file.
327 % \end{enumerate} \\\hline
328 % Valid trace & \begin{enumerate}
329 % \item \textbf{Aangeven welke packets corrupted zijn?}
330 % \end{enumerate} \\\hline