Extending TTCN-3 with Model-Based Fuzzing for Robustness Testing of Telecom Protocols

Abstract

The telecommunication network is classi ed by governments as a critical infrastructure which must be protected. It provides text and voice communication, Internet access, and emergency services for mobile subscribers worldwide. Operators set high demands on the availability of the telecommunication products and a common level to mark high availability is 99.999%, or less than ve and a half minutes of downtime a year. Hence, telecommunication vendors have to thoroughly test their products to ensure that the demands are met. One way to achieve this is to apply a robustness testing technique called fuzzing. In this master thesis we designed and implemented a model-based fuzzer for robustness testing of telecommunication protocol implementations. Our fuzzer is generation-based and integrates with the TTCN-3 conformance test environment by extracting protocol models and creates generators to populate the models. A case-study is conducted of fuzzing a telecommunication protocol which shows that the fuzzer is capable of provoking erroneous behavior, some which unlikely would have been found otherwise. After discussion with the conformance test team, the tool is considered easy to learn, and that it will be a helpful addition to the tester's toolbox. Taken together, we believe that the fuzzer will be a valuable asset for robustness testing.