Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
KBSE
2007
IEEE
2007
IEEE
Tools for model-based security engineering: models vs. code
We present tools to support model-based security engineering on both the model and the code level. In the approach supported by these tools, one firstly specifies the securitycritical part of the system (e.g. a crypto protocol) using the UML security extension UMLsec. The models are automatically verified for security properties using automated theorem provers. These are implemented within a framework that supports implementing verification routines, based on XMI output of the diagrams from UML CASE tools. Advanced users can use this open-source framework to implement verification routines for the constraints of self-defined security requirements. In a second step, one verifies that security-critical parts of the model are correctly implemented in the code (which might be a legacy implementation), and applies security hardening transformations where is that not the case. This is supported by tools that (1) establish traceability through refactoring scripts and (2) modularize se...
Real-time TrafficKBSE 2007 | Model-based Security Engineering | Security | Software Engineering | UML Security Extension |
Related Content
| Added | 04 Jun 2010 |
| Updated | 04 Jun 2010 |
| Type | Conference |
| Year | 2007 |
| Where | KBSE |
| Authors | Jan Jürjens, Yijun Yu |
Comments (0)
Researcher Info
|
