We assume that if the handling of invalid messages differs between networks, this may lead to implementation vulnerabilities. Therefore, we implemented a framework that automatically builds the state machine of a network using the UE-side log. The framework is implemented on top of the srsRAN project. srsRAN implements each cellular network entity in software so that an LTE network can be accessed using SDR equipment. Based on this open-source project, we implemented the following modules and programs.
- First, a module that converts a config file describing the form of the message to be tested into an internal structure that srsRAN can recognize.
- Second, a module that logs the result values while repeatedly executing the test with a changed input file.
- Third, a CLI-based analyzer that analyzes the stored result values.
- Fourth, a program that builds the state machine based on the stored log.
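
The state-machine building and cross-network comparison described above, as an added example that is not the project's own code. The log record layout, the state and message names, and the sample records are assumptions constructed for illustration, and plain dictionaries are used instead of the transitions library.

```python
from collections import defaultdict

# Constructed sample records in an assumed layout (not the project's log format):
# (state before, message sent by the UE, network response, state after)
LOG_NET_A = [
    ("IDLE", "attach_request", "authentication_request", "AUTH"),
    ("AUTH", "authentication_response", "security_mode_command", "SMC"),
    ("AUTH", "invalid_msg_01", "no_response", "AUTH"),
    ("SMC", "security_mode_complete", "attach_accept", "REGISTERED"),
]
LOG_NET_B = [
    ("IDLE", "attach_request", "authentication_request", "AUTH"),
    ("AUTH", "authentication_response", "security_mode_command", "SMC"),
    ("AUTH", "invalid_msg_01", "authentication_request", "AUTH"),
    ("SMC", "security_mode_complete", "attach_accept", "REGISTERED"),
]


def build_state_machine(records):
    """Map (state, input) -> set of (response, next_state) seen in the log."""
    fsm = defaultdict(set)
    for state, sent, response, next_state in records:
        fsm[(state, sent)].add((response, next_state))
    return dict(fsm)


def unstable_inputs(fsm):
    """(state, input) pairs whose outcome varied across repeated test runs.

    These need re-testing before being compared against another network.
    """
    return sorted(key for key, outcomes in fsm.items() if len(outcomes) > 1)


def diff_state_machines(fsm_a, fsm_b):
    """Transitions exercised on both networks whose outcomes differ."""
    diffs = {}
    for key in sorted(fsm_a.keys() & fsm_b.keys()):
        if fsm_a[key] != fsm_b[key]:
            diffs[key] = (sorted(fsm_a[key]), sorted(fsm_b[key]))
    return diffs


if __name__ == "__main__":
    fsm_a = build_state_machine(LOG_NET_A)
    fsm_b = build_state_machine(LOG_NET_B)
    for (state, sent), (out_a, out_b) in diff_state_machines(fsm_a, fsm_b).items():
        print(f"{state} + {sent}: network A -> {out_a}, network B -> {out_b}")
```
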
Libraries and frameworks
- UE simulator: C++, C
- Analyzer: Python (with py_cui library)
- State machine generator: Python (with transitions library)