Chhagan Lal

Chhagan Lal, Dusica Marijan

Specific testing solutions targeting blockchain-based software are gaining huge attention as blockchain technologies are being increasingly incorporated into enterprise systems. As blockchain-based software enters production systems, it is paramount to follow proper engineering practices, ensure the required level of testing, and assess the readiness of the developed system. The existing research aims at addressing the testing-related issues and challenges of engineering blockchain-based software by providing suitable techniques and tools. However, like any emerging discipline, the best practices and tools for testing blockchain-based systems are not yet sufficiently developed. In this paper, we provide a comprehensive survey on the testing of Blockchain-based Applications (BC-Apps). First, we provide a discussion on identified challenges that are associated with BCApp testing. Second, we use a layered approach to discuss the state-of-the-art testing efforts in the area of BC technologies. In particular, we present an overview of the existing testing tools and techniques that provide testing solutions either for different components at various layers of the BC-App stack or across the whole stack. Third, we provide a set of future research directions based on the identified BC testing challenges and gaps in the literature review of existing testing solutions for BC-Apps. Moreover, we reflect on the specificity of BC-based software development procedure, which makes some of the existing tools or techniques inadequate, and call for the definition of standardised testing procedures and techniques for BC-Apps. The aim of our study is to highlight the importance of BC-based software testing and to pave the way for disciplined, testable, and verifiable BC software development.

Mohit Kumar Ahuja, Mohamed-Bachir Belaid, Pierre Bernabé et al.

Trustworthiness is a central requirement for the acceptance and success of human-centered artificial intelligence (AI). To deem an AI system as trustworthy, it is crucial to assess its behaviour and characteristics against a gold standard of Trustworthy AI, consisting of guidelines, requirements, or only expectations. While AI systems are highly complex, their implementations are still based on software. The software engineering community has a long-established toolbox for the assessment of software systems, especially in the context of software testing. In this paper, we argue for the application of software engineering and testing practices for the assessment of trustworthy AI. We make the connection between the seven key requirements as defined by the European Commission's AI high-level expert group and established procedures from software engineering and raise questions for future work.

Mauro Conti, Chhagan Lal

In this paper, we present a systematic survey on the contextual information based proximity detection techniques. These techniques are heavily used for improving security and usability in Zero-Interaction based Co-presence Detection and Authentication (ZICDA) systems. In particular, the survey includes a discussion on the possible adversary and communication models along with the existing security attacks on ZICDA systems, and it reviews the state-of-the-art proximity detection techniques that make use of contextual information. These proximity detection techniques are commonly referred to as Contextual Co-presence (COCO) protocols, which dynamically collect and use contextual information to improve the security of ZICDA systems during the proximity verification process. Finally, we summarize the significant challenges and suggest possible innovative and efficient future solutions for securely detecting co-presence between devices in the presence of adversaries. The proximity verification techniques presented in the literature usually involve trade-offs between metrics such as efficiency, security, deployment cost, and usability. At present, there is no ideal solution which adequately addresses the trade-off between these metrics. Therefore, we trust that this review gives an insight into the strengths and shortcomings of the known research methodologies and pave the way for the design of future practical, secure, and efficient solutions.

Mauro Conti, Sandeep Kumar E, Chhagan Lal et al.

Bitcoin is a popular cryptocurrency that records alltransactions in a distributed append-only public ledger calledblockchain. The security of Bitcoin heavily relies on the incentive-compatible proof-of-work (PoW) based distributed consensus pro-tocol, which is run by network nodes called miners. In exchangefor the incentive, the miners are expected to honestly maintainthe blockchain. Since its launch in 2009, Bitcoin economy hasgrown at an enormous rate, and it is now worth about 170 billions of dollars. This exponential growth in the market valueof Bitcoin motivates adversaries to exploit weaknesses for profit,and researchers to discover new vulnerabilities in the system,propose countermeasures, and predict upcoming trends.In this paper, we present a systematic survey that covers thesecurity and privacy aspects of Bitcoin. We start by presenting anoverview of the Bitcoin protocol and its major components alongwith their functionality and interactions within the system. Wereview the existing vulnerabilities in Bitcoin and its underlyingmajor technologies such as blockchain and PoW based consensusprotocol. These vulnerabilities lead to the execution of varioussecurity threats to the normal functionality of Bitcoin. Wethen discuss the feasibility and robustness of the state-of-the-art security solutions. Additionally, we present current privacyand anonymity considerations in Bitcoin and discuss the privacy-related threats to Bitcoin users along with the analysis of theexisting privacy-preserving solutions. Finally, we summarize thecritical open challenges and suggest directions for future researchtowards provisioning stringent security and privacy techniquesfor Bitcoin.