SecureMDD is a model-driven approach to developing security-critical applications. The focus lies on the development of smart card and service applications. These are inherently security-critical and are based on cryptographic protocols, which are difficult to design and error-prone. To guarantee the security of an application, formal verification is an inherent part of our software engineering approach. In this paper we illustrate that the SecureMDD approach is applicable to the development of large and complex applications as well. To handle the size and complexity, an incremental development method is suggested. This is illustrated with the German electronic health card application as a case study.