Bandera: a source-level interface for model checking Java programs
Proceedings of the 22nd international conference on Software engineering
Automatic Verification of Cryptographic Protocols with SETHEO
CADE-14 Proceedings of the 14th International Conference on Automated Deduction
Bogor: an extensible and highly-modular software model checking framework
Proceedings of the 9th European software engineering conference held jointly with 11th ACM SIGSOFT international symposium on Foundations of software engineering
Sound methods and effective tools for model-based security engineering with UML
Proceedings of the 27th international conference on Software engineering
Code Security Analysis of a Biometric Authentication System Using Automated Theorem Provers
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Secure Systems Development with UML
Secure Systems Development with UML
jETI: a tool for remote tool integration
TACAS'05 Proceedings of the 11th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Dynamic secure aspect modeling with UML: from models to code
MoDELS'05 Proceedings of the 8th international conference on Model Driven Engineering Languages and Systems
Model-Based Security Engineering of Distributed Information Systems Using UMLsec
ICSE '07 Proceedings of the 29th international conference on Software Engineering
Towards Model-Based Automatic Testing of Attack Scenarios
SAFECOMP '09 Proceedings of the 28th International Conference on Computer Safety, Reliability, and Security
Finding robust solutions in requirements models
Automated Software Engineering
| Hi-index | 0.00 |
We present tool-support for checking UML models and C code against security requirements. A framework supports implementing verification routines, based on XMI output of the diagrams from UML CASE tools, and on control flow generated from the C code. The tool also supports weaving security aspects into the code generated from the models. Advanced users can use this open-source framework to implement verification routines for the constraints of self-defined security requirements. We focus on a verification routine that automatically verifies crypto-based software for security requirements by using automated theorem provers.