TestInv-Code

Tool Details

Tool Name: TestInv-Code
Tool Title Phrase: TestInv-Code, a passive testing tool that monitors execution traces of an application during run-time and verifies whether it satisfies certain security-related invariants derived from SHIELDS models (VDCs - Vulnerability Detection Conditions).
Current Version: 0.1
Description: TestInv-Code is a passive testing tool developed by Montimage that accepts formal vulnerability models written using VDCs and detects them in an application by analysing the traces of the code while it is executing. The traces used by TestInv-Code are the disassembled instructions produced by executing the program under the control of the TestInv-Code tool. In this way a set of VDCs specified by security experts for a given programming environment can be used to detect flaws in the application that can be exploited to produce unwanted behaviour. The types of flaws that can be detected are, for instance, insufficient controls that would allow buffer overflows, integer overflow, use of tainted data, use of vulnerable system functions and use of unbounded data. During the execution of the application, TestInv-Code will produce messages that allow identifying the vulnerability and its location in the application's code.
Architecture: The Figure below represents the basic architecture of the tool and the required input and outputs.

As shown, the TestInv-Code tool takes as input (in blue):
  1. The vulnerability causes: the file containing the vulnerability causes, formally specified using VDCs and rules.
  2. The executable: the Executable and Linkable Format (ELF) file for the application that is to be tested. This file contains the binary code of the application, and it should include debug information if the tool is to determine the line of code where the vulnerability occurs.

The tool processes this information, executes the code, and reports when a vulnerability is detected and where it is located in the code.

List of Features: TestInv-Code is a powerful detection tool that can be customized to work on different Linux programming environments and languages. It can support ELF (Executable and Linkable Format) binary files produced by Linux C, C++, Java and Ada compilers.
Web site: Not yet available
Contact information: contact@montimage.com
Other information: The prototype version will be made available under an open source license before the end of 2009. It has been developed by Montimage. A commercial version will also be made available, as well as services offering assistance in the detection, elimination and testing of vulnerabilities.