Information

Smart contracts are vulnerable to critical, design-level Business Logic Flaws (BLFs) that conventional analysis tools often fail to detect. To address this semantic gap, this study introduces a novel ontological framework that formally models the link between high-level architectural intent and low-level Sui Move code. The methodology employs a rigorous Linked Open Terms (LOT) approach to construct a comprehensive ontology, integrated with a library of secure design patterns and process-aware Object-Centric Dynamic Condition Response (OC-DCR) graphs. Qualitative validation was conducted on four canonical security patterns (Access Control, Circuit Breaker, Time Incentivization, Escapability) drawn from the official Sui Framework, confirming the framework’s representational adequacy and logical consistency. Ultimately, this work contributes the first machine-readable semantic layer for Sui Move, decoupling reasoning from raw code availability, and providing the essential semantic foundation for the future development of pattern-aware auditing tools.

Data encryption is a core mechanism in modern security services for protecting confidential data at rest and in transit. This work introduces the Super Encryption Standard (SES), a symmetric block cipher that follows the overall workflow of the Advanced Encryption Standard (AES) but adopts a key-dependent design to enlarge the effective key space and improve execution efficiency. The SES accepts a user-supplied key file and a selectable block dimension, from which it derives per-block round material and a dynamic substitution box generated using SHA-512. Each round relies only on XOR and a conditional half-byte swap driven by key-derived row and column vectors, enabling lightweight diffusion and confusion with low implementation cost. Experimental evaluation using multiple color images of different sizes shows that the proposed SES algorithm achieves faster encryption than the AES baseline and produces a ciphertext that behaves statistically like random noise. The encrypted images exhibit very low correlation between adjacent pixels, strong sensitivity to even minor changes in the plaintext and in the key, and resistance to standard statistical and differential attacks. Analysis of the SES substitution box also indicates favorable differential and linear properties that are comparable to those of the AES. The SES further supports a very wide key range, scaling well beyond typical fixed-length keys, which substantially increases brute-force difficulty. Therefore, the SES is a promising cipher for image encryption and related data-protection applications.

Large Language Models (LLMs) have demonstrated significant potential in transforming software testing by automating tasks such as test case generation. In this work, we explore the integration of LLMs within a Model-Driven Engineering (MDE) approach to enhance the automation of test case generation for smart contracts. Our focus lies in the use of Role-Based Access Control (RBAC) models as formal specifications that guide the generation of test scenarios. By leveraging LLMs’ ability to interpret both natural language and model artifacts, we enable the derivation of model-based test cases that align with specified access control policies. These test cases are subsequently translated into executable code in Digital Asset Modeling Language (DAML) targeting blockchain-based smart contract platforms. Building on prior research that established a complete MDE pipeline for DAML smart contract development, we extend the framework with LLM-supported test automation capabilities and implement the necessary tooling to support this integration. Our evaluation demonstrates the feasibility of using LLMs in this context, highlighting their potential to improve testing coverage, reduce manual effort, and ensure conformance with access control specifications in smart contract systems.