Generating Formal Specifications for Security-Critical Applications - A Model-Driven Approach

被引:7
|
作者
Moebius, Nina [1 ]
Stenzel, Kurt [1 ]
Reif, Wolfgang [1 ]
机构
[1] Univ Augsburg, Dept Software Engn & Programming Languages, Inst Comp Sci, D-86135 Augsburg, Germany
来源
2009 ICSE WORKSHOP ON SOFTWARE ENGINEERING FOR SECURE SYSTEMS | 2009年
关键词
D O I
10.1109/IWSESS.2009.5068461
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
The SecureMDD approach aims to generate both, a formal specification for verification and executable code, front UML diagrams. The UML models define the static as well as dynamic components of the system under development. This model-driven approach is focused on security-critical applications that are based on cryptographic protocols, esp. Java Card applications. In this paper we describe the generation of the formal specification from the UML model which is then used as input for our interactive verification system KIV The formal specification is based on abstract state machines and algebraic specifications. It allows to formulate and to prove application-specific security properties.
引用
收藏
页码:68 / 74
页数:7
相关论文
共 50 条
  • [21] Generating network security protocol implementations from formal specifications
    Tobler, B
    Hutchison, ACM
    [J]. Certification and Security in Inter-Organizational E-Services, 2005, 177 : 33 - 53
  • [22] Generating network security protocol implementations from formal specifications
    Tobler, Benjamin
    Hutchison, Andrew C. M.
    [J]. IFIP Advances in Information and Communication Technology, 2005, 177 : 34 - 53
  • [23] Advances in Model-Driven Security
    Lucio, Levi
    Zhang, Qin
    Nguyen, Phu H.
    Amrani, Moussa
    Klein, Jacques
    Vangheluwe, Hans
    Le Traon, Yves
    [J]. ADVANCES IN COMPUTERS, VOL 93, 2014, 93 : 103 - 152
  • [24] Formal model-driven program refactoring
    Massoni, Tiago
    Gheyi, Rohit
    Borba, Paulo
    [J]. FUNDAMENTAL APPROACHES TO SOFTWARE ENGINEERING, PROCEEDINGS, 2008, 4961 : 362 - +
  • [25] A formal model and risk assessment method for security-critical real-time embedded systems
    Ni, Siru
    Zhuang, Yi
    Gu, Jingjing
    Huo, Ying
    [J]. COMPUTERS & SECURITY, 2016, 58 : 199 - 215
  • [26] Synthesis from Temporal Specifications: New Applications in Robotics and Model-Driven Development
    Piterman, Nir
    [J]. MATHEMATICAL FOUNDATIONS OF COMPUTER SCIENCE 2013, 2013, 8087 : 45 - 49
  • [27] Model-driven consistency checking of behavioural specifications
    Graaf, Bas
    van Deursen, Arie
    [J]. FOURTH INTERNATIONAL WORKSHOP ON MODEL-BASED METHODOLOGIES FOR PERVASIVE AND EMBEDDED SOFTWARE, PROCEEDINGS, 2007, : 115 - +
  • [28] A usability model for mobile applications generated with a model-driven approach
    Ammar L.B.
    [J]. International Journal of Advanced Computer Science and Applications, 2019, 10 (02): : 140 - 146
  • [29] Engineering Rich Internet Applications with a Model-Driven Approach
    Fraternali, Piero
    Comai, Sara
    Bozzon, Alessandro
    Carughi, Giovanni Toffetti
    [J]. ACM TRANSACTIONS ON THE WEB, 2010, 4 (02)
  • [30] A Model-Driven Approach to develop Rich Web Applications
    Nunez, Guido
    Gonzalez, Magali
    Aquino, Nathalie
    Cernuzzi, Luca
    [J]. 2017 XLIII LATIN AMERICAN COMPUTER CONFERENCE (CLEI), 2017,
12345