Supporting Security Assurance in the Context of Evolution: Modular Modeling and Analysis with UMLsec
2012 IEEE 14th International Symposium on High-Assurance Systems Engineering (2012)
Omaha, NE, USA
Oct. 25, 2012 to Oct. 27, 2012
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/HASE.2012.35
Developing security-critical software correctly and securely is difficult. To address this problem, a significant amount of work over the last 10 years has produced model-based development approaches based on the Unified Modeling Language (UML) that aim to raise the trustworthiness of security-critical systems. However, software continues to evolve even after the implementation has been shipped to the customer, which increases the challenge: in principle, the software has to be reverified after each modification, requiring significant effort. In particular, as part of system evolution, the threat model against which the design has to be verified can itself change. This requires a modular approach to security assurance in which the threat model can be substituted independently of the design model. In this paper, we present such an approach based on the extension mechanisms available for UML, in particular so-called profiles. This modular approach allows us to define analysis models which can be exchanged easily whenever the threat model changes due to system evolution. We demonstrate the approach for a specific security requirement, namely secure information flow.
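As an added illustration (not code from the paper, from the UMLsec tool, or from the authors' formalisation), the following Python sketch keeps a toy design model and a pluggable threat model as separate artefacts and checks secure information flow as noninterference over a constructed set of states. The variable names, the two threat models, the sample states and the "hardened" design variant are assumptions made for this example; what it demonstrates is the modularity argued for in the abstract: when the threat model changes, only the threat-model artefact is replaced and the unchanged design model is re-checked against it.

```python
from itertools import product


def design_step(state):
    """One transition of a constructed toy design model (a payment request).
    The decision depends on the secret balance; the log line records the request."""
    nxt = dict(state)
    nxt["balance_ok"] = state["balance"] >= state["amount"]
    nxt["log"] = f"request amount={state['amount']} balance={state['balance']}"
    nxt["display"] = f"request for {state['amount']} received"
    return nxt


def design_step_hardened(state):
    """Evolved design model (assumed for the example): same behaviour,
    but the log line no longer records the secret balance."""
    nxt = design_step(state)
    nxt["log"] = f"request amount={state['amount']}"
    return nxt


# Threat models live outside the design model and can be swapped independently.
# Each one names the state variables the adversary is assumed to observe.
THREAT_MODEL_V1 = {"name": "external observer",
                   "observable": {"amount", "display"}}
THREAT_MODEL_V2 = {"name": "observer with log access",
                   "observable": {"amount", "display", "log"}}

# Constructed sample of initial states: every combination of a public amount
# and a secret balance.
SAMPLE_STATES = [{"amount": a, "balance": b} for a in (50, 150) for b in (100, 200)]


def low_view(state, threat_model):
    """The part of a state that the adversary described by threat_model can see."""
    return {k: v for k, v in state.items() if k in threat_model["observable"]}


def check_noninterference(step, states, threat_model):
    """Secure information flow as noninterference: any two initial states the
    adversary cannot tell apart must lead to states it cannot tell apart either.
    Returns the list of violating pairs; an empty list means the check passes."""
    violations = []
    for s1, s2 in product(states, repeat=2):
        if low_view(s1, threat_model) != low_view(s2, threat_model):
            continue  # already distinguishable before the step; nothing to check
        o1, o2 = low_view(step(s1), threat_model), low_view(step(s2), threat_model)
        if o1 != o2:
            violations.append((s1, s2, o1, o2))
    return violations


def verify(step, threat_model):
    """Re-run the analysis for one design model against one threat model.
    Returns (passes, number_of_violating_pairs)."""
    v = check_noninterference(step, SAMPLE_STATES, threat_model)
    return (len(v) == 0, len(v))


if __name__ == "__main__":
    for tm in (THREAT_MODEL_V1, THREAT_MODEL_V2):
        for name, step in (("original", design_step), ("hardened", design_step_hardened)):
            ok, n = verify(step, tm)
            verdict = "secure" if ok else f"{n} leaking pairs"
            print(f"{name:9s} design vs {tm['name']:24s}: {verdict}")
```

Running the script shows the original design passing under THREAT_MODEL_V1 and failing under THREAT_MODEL_V2 (the log line leaks the balance to an adversary who can read it), while the hardened design passes under both. Substituting the threat model required no change to the design model or to the analysis, which is the separation the abstract motivates.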
Secure Information Flow, Modular Analysis Model, UMLsec
T. Ruhroth and J. Jürjens, "Supporting Security Assurance in the Context of Evolution: Modular Modeling and Analysis with UMLsec," 2012 IEEE 14th International Symposium on High-Assurance Systems Engineering (HASE), Omaha, NE, USA, 2012, pp. 177-184.