Modelling secure systems evolution: Abstract and concrete change specifications

Jürjens, J.; Ochoa, M.; Schmidt, H.; Marchal, L.; Houmb, S.H.; Islam, S.

doi:10.1007/978-3-642-21455-4_15

2011

Conference Paper

Abstract

Developing security-critical systems is difficult, and there are many well-known examples of vulnerabilities exploited in practice. In fact, there has recently been a lot of work on methods, techniques, and tools to improve this situation already at the system specification and design. However, security-critical systems are increasingly long-living and undergo evolution throughout their lifetime. Therefore, a secure software development approach that supports maintaining the needed levels of security even through later software evolution is highly desirable. In this chapter, we recall the UMLsec approach to model-based security and discuss on tools and techniques to model and verify evolution of UMLsec models.

Author(s)

Jürjens, J.

Ochoa, M.

Schmidt, H.

Marchal, L.

Houmb, S.H.

Islam, S.

Mainwork

Formal methods for eternal networked software systems

Conference

International School on Formal Methods for the Design of Computer, Communication, and Software Systems (SFM) 2011

Options

Modelling secure systems evolution: Abstract and concrete change specifications