a small state machine trying to get out.
By choosing a proper set of input actions
and by defining an appropriate mapper/
abstraction, we can make this small
state machine visible to the learner.
Examples of Applications
During recent years, model learning has
been successfully applied to numerous
practical cases in different domains.
There have been industrial applications, for instance, on regression testing of telecommunication systems at
Siemens, 20 on integration testing at
France Telecom, 36 on automatic testing of an online conference service of
Springer Verlag, 39 and on testing requirements of a brake-by-wire system from
Volvo Technology. 16 Below, I review some
representative case studies that have
been carried out at Radboud University
related to smart cards, network protocols, and legacy software.
Smartcards. Chalupar et al. 13 used
model learning to reverse engineer the
e.dentifier2, a smartcard reader for
Internet banking. To be able to learn a
model of the e.dentifier2, the authors
constructed a Lego robot, controlled
by a Raspberry Pi that can operate the
keyboard of the reader (see Figure 6).
Controlling all this from a laptop, they
then could use LearnLib26 to learn models of the e.dentifier2. They learned a
four-state Mealy machine of one version of
the e.dentifier2 that revealed the presence
of a security flaw, and showed that the
flaw is no longer present in a three-state
model for the new version of the device.
In another study, Aarts et al. 3 learned
models of implementations of the EMV
protocol suite on bank cards issued
by several Dutch and German banks,
on MasterCard credit cards issued by
Dutch and Swedish banks, and on one
UK Visa debit card. To learn the models,
LearnLib performed between 855 and
1,696 membership and test queries for
each card and produced models with
four to eight states. (Figure 7 shows one
of the learned models.) All cards resulted
in different models, only the applications on the Dutch cards were identical.
The models learned did not reveal any
security issues, although some peculiar-ities were noted. The authors argue that
model learning would be useful as part
of security evaluations.
Network protocols. Our society has
become completely dependent on the
be smaller for a restricted number of
stimuli. Models learned for a subset of
the inputs may then be used to gener-
ate counterexamples while learning
models for larger subsets. Yet another
approach, which, for instance, has
been applied by Chalupar et al., 13 is to
merge several input actions that usually
occur in a specific order into a single
high-level action, thus reducing the
number of inputs. Again, models that
have been learned with a small number
of high level inputs may be used to gen-
erate counterexamples in subsequent
experiments in which these inputs are
broken up into their constituents.
Paraphrasing C.A.R. Hoare, one could
say that in every large program there is
Figure 4. Model learning within the MAT framework.
Figure 5. Model learning with a mapper.
Figure 6. Lego robot used to reverse engineer the e.dentifier2 smartcard reader (picture
courtesy of Chalupar13).