Model Checking of Security-Critical Applications in a Model-Driven Approach

被引:0
|
作者
Borek, Marian [1 ]
Moebius, Nina [1 ]
Stenzel, Kurt [1 ]
Reif, Wolfgang [1 ]
机构
[1] Univ Augsburg, Dept Software Engn, Augsburg, Germany
来源
SOFTWARE ENGINEERING AND FORMAL METHODS, SEFM 2013 | 2013年 / 8137卷
关键词
VERIFICATION;
D O I
暂无
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
This paper illustrates the integration of model checking in SecureMDD, a model-driven approach for the development of security-critical applications. In addition to a formal model for interactive verification as well as executable code, a formal system specification for model checking is generated automatically from a UML model. Model checking is used to find attacks automatically and interactive verification is used by an expert to guarantee security properties. We use AVANTSSAR for model checking and KIV for interactive verification. The integration of AVANTSSAR in SecureMDD and the advantages and disadvantages over interactive verification with KIV are demonstrated with a smart card based electronic ticketing example.
引用
收藏
页码:76 / 90
页数:15
相关论文
共 50 条
  • [1] Abstracting Security-Critical Applications for Model Checking in a Model-Driven Approach
    Borek, Marian
    Stenzel, Kurt
    Katkalov, Kuzman
    Reif, Wolfgang
    [J]. PROCEEDINGS OF 2015 6TH IEEE INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING AND SERVICE SCIENCE, 2015, : 11 - 14
  • [2] Generating Formal Specifications for Security-Critical Applications - A Model-Driven Approach
    Moebius, Nina
    Stenzel, Kurt
    Reif, Wolfgang
    [J]. 2009 ICSE WORKSHOP ON SOFTWARE ENGINEERING FOR SECURE SYSTEMS, 2009, : 68 - 74
  • [3] Integration and Exchangeability of External Security-Critical Web Services in a Model-Driven Approach
    Borek, Marian
    Stenzel, Kurt
    Katkalov, Kuzman
    Reif, Wolfgang
    [J]. ADVANCES IN CONCEPTUAL MODELING, ER 2015 WORKSHOPS, 2015, 9382 : 63 - 73
  • [4] A Model-Driven Approach to Web Applications
    Kozlovics, Sergejs
    [J]. DATABASES AND INFORMATION SYSTEMS IX, 2016, 291 : 73 - 86
  • [5] A Model-Driven approach to Information Security Compliance
    Correia, Anacleto
    Goncalves, Antonio
    Filomena Teodoro, M.
    [J]. APPLIED MATHEMATICS AND COMPUTER SCIENCE, 2017, 1836
  • [6] A Model-driven Approach to Trace Checking of Temporal Properties with Aggregations
    Boufaied, Chaima
    Bianculli, Domenico
    Briand, Lionel
    [J]. JOURNAL OF OBJECT TECHNOLOGY, 2019, 18 (02):
  • [7] Trusted Compliance Checking on Blockchain with Commitments: A Model-Driven Approach
    Bertolini, Marcello
    Meroni, Giovanni
    Plebani, Pierluigi
    [J]. BUSINESS PROCESS MANAGEMENT FORUM, BPM 2023 FORUM, 2023, 490 : 3 - 19
  • [8] A Model-driven Approach to Representing and Checking RBAC Contextual Policies
    Ben Fadhel, Ameni
    Bianculli, Domenico
    Briand, Lionel
    Hourte, Benjamin
    [J]. CODASPY'16: PROCEEDINGS OF THE SIXTH ACM CONFERENCE ON DATA AND APPLICATION SECURITY AND PRIVACY, 2016, : 243 - 253
  • [9] A usability model for mobile applications generated with a model-driven approach
    Ammar, Lassaad Ben
    [J]. International Journal of Advanced Computer Science and Applications, 2019, 10 (02): : 140 - 146
  • [10] A Usability Model for Mobile Applications Generated with a Model-Driven Approach
    Ben Ammar, Lassaad
    [J]. INTERNATIONAL JOURNAL OF ADVANCED COMPUTER SCIENCE AND APPLICATIONS, 2019, 10 (02) : 140 - 146
12345