Proceedings of ISP RAS

Conformance test suite for implementations of the security protocol suite IPsec v2.

A. Nikeshin, N. Pakulin, V. Shnitman.


The paper presents conformance test suite for new Internet Protocol Security Suite IPsec v2. The test suite was constructed by means of the UniTESK automated testing technology and its implementation, CTESK toolkit.

The work was done in the Institute for System Programming of RAS within “Verification of security functions of the next generation protocol IPsec v2” supported by RFBR grant 07-07-00243. The project included elicitation of requirements for implementations, development of formal specification and prototype test suite for IPsec v2 including the protocol of key exchange IKE v2. The paper discusses the method of formalization of IPsec v2 requirements, test suite development process, and results of test suite application to the existing implementations. The application shows that the method presented in the paper allows for construction for efficient testing automation for such complex protocols like security protocols.


formal methods, model-based testing, conformance testing, IPsec, IKE.


Proceedings of the Institute for System Programming, vol. 18, 2010, pp. 151-182.

ISSN 2220-6426 (Online), ISSN 2079-8156 (Print).

Full text of the paper in pdf (in Russian) Back to the contents of the volume