Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Security patterns modeling and formalization for pattern-based development of secure software systems

: Hamid, Brahim; Gürgens, Sigi; Fuchs, Andreas


Innovations in systems and software engineering. A NASA journal 12 (2016), Nr.2, S.109-140
ISSN: 1614-5046
EISSN: 1614-5054
Fraunhofer SIT ()
secure software systems; trust; security; pattern; meta-model; model driven engineering; formal modeling

Pattern-based development of software systems has gained more attention recently by addressing new challenges such as security and dependability. However, there are still gaps in existing modeling languages and/or formalisms dedicated to modeling design patterns and the way how to reuse them in the automation of software development. The solution envisaged here is based on combining metamodeling techniques and formal methods to represent security patterns at two levels of abstraction to fostering reuse. The goal of the paper is to advance the state of the art in model and pattern-based security for software and systems engineering in three relevant areas: (1) develop a modeling language to support the definition of security patterns using metamodeling techniques; (2) provide a formal repre sentation and its associated validation mechanisms for the verification of security properties; and (3) derive a set of guidelines for the modeling of security patterns within the integration of these two kinds of representations.