Automated security hardening for evolving UML models

Developing security-critical software correctly and securely is difficult. To address this problem, there has been a significant amount of work over the last 10 years on providing model-based development approaches based on the Unified Modeling Language which aim to raise the trustworthiness of security-critical systems, some of them including tools allowing the user to check whether a UML model satisfies the relevant security requirements. However, when the requirements are not satisfied by a given model, it can be challenging for the user to determine which changes to do to the model so that it will indeed satisfy the security requirements. Also, the fact that software continues to evolve on an ongoing basis, even after the implementation has been shipped to the customer, increases the challenge since in principle, the software has to be re-verified after each modification, requiring significant efforts. We present work on automated tool-support that exploits recent w ork on secure software evolution in the Secure Change project in order to support the security hardening of evolving UML models (within the context of the UML security extension UMLsec).