TA-MISBEHAVIOURS#

Overview#

The TA-MISBEHAVIOURS documentation provides a detailed exploration of identifying, analyzing, and resolving misbehaviors within the Trustable Software Framework. This section outlines the objectives, methodologies, and outcomes related to misbehavior assessment. Further reading can be found here.

Objectives#

  • Identify and define potential misbehaviors in software systems.

  • Assess the impact and risk associated with non-compliant behaviors.

  • Document procedures for testing, diagnosing, and mitigating misbehaviors.

Methodology#

  1. Misbehavior Identification - Catalog potential misbehaviors within software components. - Align misbehaviors with trust criteria and impact factors.

  2. Assessment Procedures - Develop tests to detect and evaluate misbehaviors. - Specify input conditions, expected failures or deviations, and test scenarios.

  3. Diagnostics and Mitigation - Execute tests and document anomalies. - Diagnose root causes of misbehaviors and propose mitigation strategies.

Test Cases#

// Example test case for misbehavior detection
void test_misbehavior_abc() {
    // Set up adverse conditions
    // Call function
    // Verify discrepancy in expected outcome
}

Fault Inductions#

The following fault inductions are designed to test the robustness of JSON parsing and handling within software systems. Each test case aims to provoke specific misbehaviors, allowing for the assessment of error handling, performance, and system stability.

  1. Invalid JSON Format: Attempt to parse malformed JSON strings that do not adhere to the standard JSON syntax, such as missing braces, brackets, or quotation marks.

  2. Non-UTF-8 Encodings: Feed the parser data in encodings other than UTF-8, such as UTF-16 or ISO-8859-1, to test how encoding errors are handled.

  3. Extremely Large JSON: Provide JSON files or strings that are significantly larger than typical sizes to test memory handling and performance.

  4. Deeply Nested JSON Structures: Use JSON strings with excessive nesting levels to test recursion limits or stack overflows.

  5. Circular References: Attempt to create objects with circular references, which are non-standard in JSON, to test detection of such anomalies.

  6. Special Character Handling: Test JSON strings that contain special characters or escape sequences to ensure correct parsing and encoding.

  7. Boundary Value Inputs: Use JSON inputs with values at or beyond expected minimum and maximum limits, such as boundary numbers for integer types.

  8. Unexpected Data Types: Provide invalid or unexpected data types within JSON (such as functions or undefined symbols) and verify proper error detection and handling.

  9. Concurrent Access: Induce faults by performing concurrent access to JSON parsing and manipulation, testing thread safety and potential race conditions.

  10. SAX Parsing Faults: For libraries supporting SAX (streaming APIs), present streaming data with interruptions or unexpected terminations.

  11. Inconsistent Data Types: Use JSON structures with inconsistent data types across similar keys or arrays, testing robustness in type checking.

  12. Memory Leak Induction: Monitor specifically for scenarios that may expose potential memory leaks during heavy or repeated JSON operations.

  13. Randomized Inputs: Leverage fuzz testing by feeding random and unpredictable JSON data to observe how the system responds to uncertain inputs.

Results#

  • Documented findings of misbehavior tests.

  • Analysis of the impact and consequences of identified misbehaviors.

  • Recommendations for addressing and mitigating critical issues.

Conclusion#

The TA-MISBEHAVIOURS framework enhances software trustability by systematically identifying, assessing, and resolving misbehaviors. Through rigorous testing and analysis, the framework contributes to the development of secure and dependable software solutions.