Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Modelling secure systems evolution: Abstract and concrete change specifications

: Jürjens, J.; Ochoa, M.; Schmidt, H.; Marchal, L.; Houmb, S.H.; Islam, S.


Bernardo, M.:
Formal methods for eternal networked software systems : 11th International School on Formal Methods for the Design of Computer, Communication and Software Systems, SFM 2011, Bertinoro, Italy, June 13-18, 2011; advanced lectures
Berlin: Springer, 2011 (Lecture Notes in Computer Science 6659)
ISBN: 3-642-21454-1
ISBN: 978-3-642-21454-7
ISBN: 978-3-642-21455-4
ISSN: 0302-9743
International School on Formal Methods for the Design of Computer, Communication, and Software Systems (SFM) <11, 2011, Bertinoro/Italy>
Conference Paper
Fraunhofer ISST ()

Developing security-critical systems is difficult, and there are many well-known examples of vulnerabilities exploited in practice. In fact, there has recently been a lot of work on methods, techniques, and tools to improve this situation already at the system specification and design. However, security-critical systems are increasingly long-living and undergo evolution throughout their lifetime. Therefore, a secure software development approach that supports maintaining the needed levels of security even through later software evolution is highly desirable. In this chapter, we recall the UMLsec approach to model-based security and discuss on tools and techniques to model and verify evolution of UMLsec models.