Description in the LTE specification:
When a partial native EPS security context is taken into use through a security mode control procedure, the MME and the UE shall delete the previously current EPS security context.
Input of TPG:
initial state: UE has not established NAS security context (added by expert)
condition event: a partial native EPS security context is taken into use
expected operation: the MME and the UE shall consider the previously EPS security context valid
(negative testing)
Reasoned chain and sentences used:
Reason for condition event
EDG: a partial native EPS security context is taken into use == EPS security context taken into use
by ML model
>> This means that we can trigger the event *EPS security context taken into use* to indirectly trigger the event *create an EPS security context*
EDG: MME initiates a security mode control procedure --> EPS security context is taken into use
sentence: The EPS security context is taken into use by the UE and the MME, when the MME initiates a security mode control procedure or ...
>> This means that we can trigger the event *initiates a security mode control procedure* to indirectly trigger the event *EPS security context taken into use*
EDG: send a SECURITY MODE COMMAND message --> initiates the NAS security mode control procedure
sentence: The MME initiates the NAS security mode control procedure by sending a SECURITY MODE COMMAND message to the UE and ...
EDG: initiates the NAS security mode control procedure == MME initiates a security mode control procedure
by ML model
>> This means that we can trigger the event *send a SECURITY MODE COMMAND message* to indirectly trigger the event *initiates a security mode control procedure*. Moreover, considering all the sentences (including the security requirement) to identify the parameter settings, the *partial* native EPS security context is the key used to cipher the SECURITY MODE COMMAND message. However, this information requires the completion of the authentication procedure. So the expert needs to manually adjust the testing steps, issuing the AUTHENTICATION REQUEST message first and then triggering the event *send SECURITY MODE COMMAND message using the partial native EPS security context created by the authentication procedure*.
Reason for expected operation
>> The expected operation is similar to that of security requirement 1; please refer to S1 for the reasoning. The difference is that here the expected operation is *consider the previously EPS security context valid*, not *consider the EPS security context valid*. Accordingly, the expert can adjust the test procedure to create an EPS security context before triggering the condition event, and then send the SECURITY MODE COMMAND message using this context to check whether the expected operation has taken place. If the testing system observes the expected action, it will determine that the UE violates the security requirement.
Note: the colored phrases are the messages to transmit and the parameters required to set.