| Radio Frequency Identification(RFID) technology as a wireless automatic identification technology, has been widely used in entry and exit management, personnel precise positioning, intelligent transportation and other fields. With the continuous promotion of RFID technology, privacy leaks, property damage and other security issues have become increasingly outstanding. Currently, there are different communication protocol standards under the different band for the RFID systems, and they usually use protocol security mechanisms to secure communication between systems, but the realization of the protocol whether meets the requirements of correctness and security, it needs protocol testing to verify. Due to the 2.4G active RFID system is highly customizable and lack of corresponding protocol security testing standards, the study of protocol security testing technology and protocol security testing tools of RFID protocol is of great significance.The paper studys the 2.4G active RFID protocol based on the national standard GB/T 28925-2012: “the information technology, radio frequency identification 2.45 GHz air interface protocol”, work around the security issues of the protocol, for the security and safety testing methods of TRAIS-P authentication protocol. On the basis of summary protocol testing theory and technology, by studying the characteristics of the test protocol, the paper completes the design and implementation of the protocol security test cases and security testing tools. Paper includes the following aspects:1. Protocol security testing theory analysis. The paper uses the finite state machine model of the formal analysis to complete the base analysis of the protocol and uses the fault injection testing methods to design replay attacks, identity spoofing attacks, interference attacks.2. Protocol security test cases design. The research use the finite state machine model to design test sequences and protocol base test cases, to verify that the implementation under test(IUT) whether in accordance with the protocol standard. Then the paper use fault injection method to design protocol security test cases, to verify that the implementation under test can resist such attacks.3. Protocol security testing tool design and implementation. The paper gives the overall architecture of protocol security testing tools, then designs and realizes the security test management module, frame management module, transceiver module in the architecture. By the 2.4G large-capacity tag system to verify the feasibility of protocol security testing tool and the security of the implementation under test.Based on the existing testing theory, the paper proposes security testing solutions for 2.4G active RFID protocol. Meanwhile the research gives the protocol security testing methods on the protocol-based testing and fault injection testing, and to complete the design and implementation of test models, test cases and test tools. We provide a protocol security testing tool with the advantages of user-interactive, simple and practical, easy to extend for testers, and a reference for the research of protocols safety testing. |
PDF Full Text Request