Model Checking of Security-Critical Applications in a Model-Driven Approach

被引：0

作者：

Borek, Marian ^{[1
]}

Moebius, Nina ^{[1
]}

Stenzel, Kurt ^{[1
]}

Reif, Wolfgang ^{[1
]}

机构：

[1] Univ Augsburg, Dept Software Engn, Augsburg, Germany

来源：

SOFTWARE ENGINEERING AND FORMAL METHODS, SEFM 2013 | 2013年 / 8137卷

关键词：

VERIFICATION;

D O I：

暂无

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

This paper illustrates the integration of model checking in SecureMDD, a model-driven approach for the development of security-critical applications. In addition to a formal model for interactive verification as well as executable code, a formal system specification for model checking is generated automatically from a UML model. Model checking is used to find attacks automatically and interactive verification is used by an expert to guarantee security properties. We use AVANTSSAR for model checking and KIV for interactive verification. The integration of AVANTSSAR in SecureMDD and the advantages and disadvantages over interactive verification with KIV are demonstrated with a smart card based electronic ticketing example.

引用

页码：76 / 90

页数：15

共 50 条

[41] Model-driven development of enterprise applications
Kulkarni, V
Reddy, S
[J]. UML MODELING LANGUAGES AND APPLICATIONS, 2005, 3297 : 118 - 128
[42] Model-driven architecture for mobile applications
Dunkel, Jurgen
Bruns, Ralf
[J]. BUSINESS INFORMATION SYSTEMS, PROCEEDINGS, 2007, 4439 : 464 - +
[43] Model-driven architecture based security analysis
Mili, Saoussen
Nguyen, Nga
Chelouah, Rachid
[J]. SYSTEMS ENGINEERING, 2021, 24 (05) : 307 - 321
[44] Testing of model-driven development applications
Beatriz Marín
Carlos Gallardo
Diego Quiroga
Giovanni Giachetti
Estefanía Serral
[J]. Software Quality Journal, 2017, 25 : 407 - 435
[45] Model-driven architecture for Web applications
Taleb, Mohamed
Seffah, Ahmed
Abran, Alain
[J]. HUMAN-COMPUTER INTERACTION, PT 1, PROCEEDINGS: INTERACTION DESIGN AND USABILITY, 2007, 4550 : 1198 - +
[46] Testing of model-driven development applications
Marin, Beatriz
Gallardo, Carlos
Quiroga, Diego
Giachetti, Giovanni
Serral, Estefania
[J]. SOFTWARE QUALITY JOURNAL, 2017, 25 (02) : 407 - 435
[47] Model-driven development of composite applications
Patig, Susanne
[J]. MODEL-BASED SOFTWARE AND DATA INTEGRATION, 2008, 8 : 67 - 78
[48] MODEL-DRIVEN ENGINEERING OF FUNCTIONAL SECURITY POLICIES
Jiague, Michel Embe
Frappier, Marc
Gervais, Frederic
Konopacki, Pierre
Laleau, Regine
Milhau, Jeremy
St-Denis, Richard
[J]. ICEIS 2010: PROCEEDINGS OF THE 12TH INTERNATIONAL CONFERENCE ON ENTERPRISE INFORMATION SYSTEMS, VOL 3: INFORMATION SYSTEMS ANALYSIS AND SPECIFICATION, 2010, : 374 - 379
[49] ModelSec: A Generative Architecture for Model-Driven Security
Sanchez, Oscar
Molina, Fernando
Garcia-Molina, Jesus
Toval, Ambrosio
[J]. JOURNAL OF UNIVERSAL COMPUTER SCIENCE, 2009, 15 (15) : 2957 - 2980
[50] Model-driven security in practice: An industrial experience
Clavel, Manuel
da Silva, Viviane
Braga, Christiano
Egea, Marina
[J]. MODEL DRIVEN ARCHITECTURE - FOUNDATIONS AND APPLICATIONS, PROCEEDINGS, 2008, 5095 : 326 - +

← 1 2 3 4 5 →