Sound methods and effective tools for model-based security engineering with UML
Proceedings of the 27th international conference on Software engineering
Code Security Analysis of a Biometric Authentication System Using Automated Theorem Provers
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Security Analysis of Crypto-based Java Programs using Automated Theorem Provers
ASE '06 Proceedings of the 21st IEEE/ACM International Conference on Automated Software Engineering
Model-Based Security Engineering of Distributed Information Systems Using UMLsec
ICSE '07 Proceedings of the 29th international conference on Software Engineering
| Hi-index | 0.00 |
We give an overview over the challenges in developing secure embedded systems and show how to use the approach of Model-based Security Engineering (MBSE) to address them. In MBSE [Jür04, Jür05a, Jür05b, Jür06, BJN07], recurring security requirements (such as secrecy, integrity, authenticity and others) and security assumptions on the system environment, can be specified either within a UML specification, or within the source code (Java or C) as annotations. The associated tools [UML04] (Fig. 1b) generate logical formulas formalizing the execution semantics and the annotated security requirements.