Stephan Seifermann scite author profile

Preservation of confidentiality has become a crucial quality property of software systems that software vendors have to consider in each development phase. Especially, neglecting confidentiality constraints in the software architecture leads to severe issues in later phases that often are hard to correct. In contrast to the implementation phase, there is no support for systematically considering confidentiality in architectural design phases by means of data processing descriptions. To fill this gap, we introduce data flows in an architectural description language to enable simple definition of confidentiality constraints. Afterwards, we transform the software architecture specification to a logic program to find violated confidentiality constraints. In a case study-based evaluation, we apply the analysis to sixteen scenarios to show the accuracy of the approach.

show abstract

Data Stream Operations as First-Class Entities in Component-Based Performance Models

Werle

Seifermann

Koziolek

2020

View full text Add to dashboard Cite

Data streaming applications are an important class of dataintensive systems. Performance is an essential quality of such systems. It is, for example, expressed by the delay of analysis results or the utilization of system resources. Architecture-level decisions such as the configuration of sources, sinks and operations, their deployment or the choice of technology impact the performance. Current component-based performance prediction approaches cannot accurately predict the performance of those systems, because they do not support the metrics that are specific to data streaming applications and only approximate the behavior of data stream operations instead of expressing it explicitly. In particular, operations that group multiple data events and thus introduce timing dependencies between different calls to the system are not represented sufficiently. In this paper, we present an approach for modeling networks of data stream operations including their parameters with the goal of predicting the performance of the resulting composed data streaming application. The approach is based on a component-based performance model with queueing semantics for processing resources. Our evaluation shows that our model can more accurately express the behavior of the system, resulting in a more expressive performance model compared to a well-encapsulated component-based model without data stream operations.

show abstract

Change-Driven Consistency for Component Code, Architectural Models, and Contracts

Kramer

Langhammer

Messinger

et al. 2015

View full text Add to dashboard Cite

During the development of component-based software systems, it is often impractical or even impossible to include all development information into the source code. Instead, specialized languages are used to describe components and systems on different levels of abstraction or from different viewpoints: Component-based architecture models and contracts, for example, can be used to describe the system on a high level of abstraction, and to formally specify component constraints. Because models, contracts, and code contain redundant information, inconsistencies can occur if they are modified independently. Keeping this information consistent manually can require considerable effort, and can lead to costly errors, for example, when security-relevant components are verified against inconsistent contracts. In this paper, we present an approach for keeping componentbased architecture models and contracts specified in the Java Modeling Language (JML) consistent with Java source code. We use change-driven incremental transformations and the Vitruvius framework to automate the consistency preservation where this is possible. Using two case studies, we demonstrate how to detect and propagate changes and refactoring operations to keep models and contracts consistent with the source code.

show abstract

Dynamic security rules for legacy systems

Al-Ali

Hnětynka

Havlik

et al. 2019

View full text Add to dashboard Cite

Industry 4.0 tries to digitalize the production process further. The digitalization is achieved by connecting different entities (machines, worker) to data-exchange, which needs to be dynamic and to adapt to different changing situations and members in the process. However, just exchanging data might lead to confidentiality issues. The data-exchange needs to be protected to secure the confidentiality and trust in the system. Therefore, security rules need to adapt to these dynamic situations. One part of a possible solution might be dynamic access control rules. However in many cases, existing "legacy" systems are reused, which can in not handle dynamic access control rules. Due to this gap between the required and provided functionality, we propose an approach, which integrates dynamic access control based on the system-context into legacy systems. Our approach uses a security adaption controller, which dynamically adapts the access control rules to a new situation and integrates them into an existing legacy system. We discussed our approach with industrial practitioners and related our approach to their existing legacy system. In addition, we performed a scalability analysis to demonstrate the applicability of our approach in a realistic environment. CCS CONCEPTS• Security and privacy → Domain-specific security and privacy architectures; • Computer systems organization → Self-organizing autonomic computing.

show abstract

Modeling of dynamic trust contracts for industry 4.0 systems

Al-Ali

Heinrich

Hnětynka

et al. 2018

View full text Add to dashboard Cite

Due to their close relation to physical and virtual entities (humans, machines, processes, etc.) including their changing state and context, modern cyber-physical and IoT systems exhibit a high degree of architectural dynamicity. While sharing of data among all the entities of the system is the key driver to the efficiency of the system, it is at the same time necessary to effectively control which data are shared, with whom, and in which context so as to prevent potential misuse. The problem however is that traditional methods to security and privacy, which typically rely on rigid hierarchies, cannot easily cope with the high degree of architectural dynamicity. In this paper, we outline an approach to ensure security and privacy on the architectural level in systems with dynamic architectures.In particular, we focus on a) data tracking using data flows and data processing described in system architectures, b) descriptions of dynamic sharing scenarios including decision derivation based on the current situation, and c) a runtime analysis platform that regulates data exchange. We ground the approach and illustrate it in the Industry 4.0 setting, as this is the domain in which we apply our approach as part of our project Trust 4.0, but we believe it can be used in other applications domains as well. CCS CONCEPTS• Applied computing → Supply chain management; • Security and privacy → Domain-specific security and privacy architectures;

show abstract

Detecting violations of access control and information flow policies in data flow diagrams

Seifermann

Heinrich

Werle

et al. 2022

Journal of Systems and Software

View full text Add to dashboard Cite

Architectural Data Flow Analysis

Seifermann

2016

View full text Add to dashboard Cite

Quality properties including performance, security and compliance are crucial for a system's success but are hard to prove, especially for complex systems. Data flow analyses support this but often only consider source code and thereby introduce high costs of repair. Data flow analyses on the architectural design level use call-and-return semantics or eventbased communication between components but do not define data flows as first class entities or consider important runtime or deployment configurations. We propose introducing data flows as first class entities on the architectural level. Analyses ensure that systems meet the quality requirements even after changes in e.g. runtime or deployment configurations. Having data flows modeled as first class entities allows analyzing compliance with privacy laws, requirements for external service providers, and throughput requirements in big data scenarios on architectural level. The results allow early, cost-efficient fixing of issues.

show abstract

UML4ALL Syntax – A Textual Notation for UML Diagrams

Loitsch

Müller

Seifermann

et al. 2018

View full text Add to dashboard Cite

12 3 4

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.