Model-based security analysis for mobile communications
Proceedings of the 30th international conference on Software engineering
Model-based Security Testing Using UMLsec
Electronic Notes in Theoretical Computer Science (ENTCS)
Editorial: Model-Driven Development for secure information systems
Information and Software Technology
CAiSE '09 Proceedings of the 21st International Conference on Advanced Information Systems Engineering
Compositional modeling for data-centric business applications
SC'08 Proceedings of the 7th international conference on Software composition
A framework to support alignment of secure software engineering with legal regulations
Software and Systems Modeling (SoSyM)
Incremental security verification for evolving UMLsec models
ECMFA'11 Proceedings of the 7th European conference on Modelling foundations and applications
A practical application of our MDD approach for modeling secure XML data warehouses
Decision Support Systems
Evaluation of the Pattern-based method for Secure Development (PbSD): A controlled experiment
Information and Software Technology
ICT-EurAsia'13 Proceedings of the 2013 international conference on Information and Communication Technology
Specifying model changes with UMLchange to support security verification of potential evolution
Computer Standards & Interfaces
Hi-index | 0.00 |
For model-based development to be a success in practice, it needs to have a convincing added-value associated with its use. Our goal is to provide such added-value by developing tool-support for the analysis of UML models against difficult system requirements. Towards this goal, we describe a UML verification framework supporting the construction of automated requirements analysis tools for UML diagrams. The framework is connected to industrial CASE tools using XMI and allows convenient access to this data and to the human user. As a particular example, we present plugins for verifying models defined using the security extension UMLsec of UML. The verification framework allows advanced users of the UMLsec approach to themselves implement verification routines for the constraints of self-defined stereotypes. In particular, we focus on an analysis plug-in that utilizes the model-checker Spin to verify security properties of cryptography-based systems.