Security is a very important issue in information processing, especially in open network environments like the Internet. The Common Criteria (CC) is the standard requirements catalogue for the evaluation of security critical systems. Using the CC, a large number of security requirements on the system itself and on the system development can be defined. However, the CC does not give methodological support. In this paper, we show how to integrate security aspects into the software engineering process. The activities and documents from the Common Criteria are tightly intertwined with the system development, which improves the quality of the developed system and reduces the additional cost and effort due to high security requirements. For modelling and verification of critical parts of the system, we use formal description techniques and model checking (supported by the graphical CASE tool AutoFocus), which increases both the understanding of the system specification and the system's reliability. We demonstrate our ideas by means of a case study, the PalME project, an electronic purse application for Palm handhelds.
There is a strong demand for techniques to aid development and modelling of security critical systems. Based on general security evaluation criteria, we show how to extend the system structure diagrams of the CASE tool AutoFocus (which are related to UML-RT collaboration diagrams) to allow modelling of security critical systems, in particular concerning components and channels. Both high-level and low-level models of systems are supported, and the notion of security patterns is introduced to provide generic solutions for security requirements. We explain our approach on the example of an electronic purse card system.
The construction of increasingly sophisticated software systems demands techniques to reduce the complexity of the development process by supplying automated steps. In a model-based approach, operations to analyse and transform models of the system can be used to supply some automation for the development process. These operations can be embedded in a CASE-based approach to ensure conceptual consistency and support the application of design and process patterns.

Motivation

The construction of increasingly sophisticated software products has led to a widening gap between the required and supplied productivity in software development. To overcome the complexity of realistic software systems and thus increase productivity, current approaches (e.g., RUP [5]) generally focus on a view-based development using appropriate description techniques (e.g., UML [3]). Here, the specification of a software product is structured according to views (horizontal, e.g., structure and behavior; vertical, e.g., component/sub-components). To combine those views, they are mapped onto a common model integrating those different horizontal and vertical abstractions. Integration can be defined on the conceptual level (similar to an abstract syntactical level) or on the system level (semantical level). When integrating different views, however, inconsistencies may arise, either on the conceptual level (e.g., conflicts between the external and internal interface of a component) or on the semantical level (e.g., between the specified behavior and given sample runs of a component). While conflicts on the semantical level require rather sophisticated models of analysis with limited possibilities for automation, on the conceptual level graph-like models with various possibilities for automated analysis can be used.

Besides view-based development, automated development steps, using pattern-based mechanized transformations, are an important technique to improve the efficiency of the development process. Besides increasing efficiency, these patterns offer consistency-ensuring modification of models, ranging from refactoring steps that improve the architecture of a system to the consistent integration of standard behavior. Here, these models also provide a good basis for transformational approaches supporting automated process pattern application. In this article we focus on the conceptual part of the model and its realization in AutoFOCUS, a CASE tool prototype for the development of embedded systems offering description formalisms similar to the UML and based on hierarchic state machines, as shown in Figure 2. Here, we show how the model-based approach of AutoFOCUS can be used to supply tool-supported integration of standard functionality in application-specific behavior. Such an approach is, e.g., commonly needed in embedded software; there, application-specific behavior (e.g., the control of a press) is generally extended with standard functionalitie...

This work was supported by DFG (projects InOpSys and Inkrea, under reference numbers Br 887/16-1 and Br 887/14-1).