Jürjens, J.J.JürjensOchoa, M.M.OchoaSchmidt, H.H.SchmidtMarchal, L.L.MarchalHoumb, S.H.S.H.HoumbIslam, S.S.Islam2022-03-112022-03-112011https://publica.fraunhofer.de/handle/publica/37378810.1007/978-3-642-21455-4_15Developing security-critical systems is difficult, and there are many well-known examples of vulnerabilities exploited in practice. In fact, there has recently been a lot of work on methods, techniques, and tools to improve this situation already at the system specification and design. However, security-critical systems are increasingly long-living and undergo evolution throughout their lifetime. Therefore, a secure software development approach that supports maintaining the needed levels of security even through later software evolution is highly desirable. In this chapter, we recall the UMLsec approach to model-based security and discuss on tools and techniques to model and verify evolution of UMLsec models.en004conference paper