Enforcing S&amp;D Pattern Design in RCES with Modeling and Formal Approaches

Hamid, Brahim; Gürgens, Sigrid; Jouvray, Christophe; Desnos, Nicolas

doi:10.1007/978-3-642-24485-8_23

Cited by 20 publications

(30 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These models are used as external model libraries to type the properties of the patterns. The System and Software Engineering Pattern Metamodel (SEPM) [35] is a metamodel that defines a new formalism for describing S&D patterns and constitutes the basis of our pattern modeling language. Here, we consider patterns to be subsystems that provide access to services (via interfaces) and manage S&D and resource properties (via features), offering a unified means of capturing meta-information related to a pattern and its context of use.…”

Section: Definition Of a Repository Modelmentioning

confidence: 99%

A Model Repository Description Language - MRDL

Hamid¹

2016

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

OATAO is an open access repository that collects the work of Toulouse researchers and makes it freely available over the web where possible. Abstract. Repository-based development of software systems has gained more attention recently by addressing new challenges such as security and dependability. However, there are still gaps in existing modeling languages and/or formalisms dedicated to define model repositories and the way how to reuse them in the automation of software development. Thus, there is a strong requirement for defining a model repository description language not only as a modeling approach, but also as a suitable instrument to support system and software engineers in the activity of search and retrieval of appropriate models beyond keywordbased search. Moreover, modeling approaches allow using tools for the specification and the exploitation of the designed artifacts (e.g. analysis and evaluation). The goal of this paper is to advance the state of the art in model repository description for software and systems engineering. In particular, we have designed a flexible and extensible modeling language, by means of an OMG style metamodel, to specify model repositories for modeling artifacts, and we have defined an operational architecture for development tools. In particular, we show the feasibility of our own approach by reporting some preliminary prototype providing a model-based repository of security and dependability (S&D) pattern models.

show abstract

Section: Definition Of a Repository Modelmentioning

confidence: 99%

A Model Repository Description Language - MRDL

Hamid¹

2016

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

show abstract

“…In addition, interfaces support interactions with security primitives and protocols for the specialization for a specific application domain. The principal classes of the System and Software Engineering Pattern Metamodel (SEPM) [11] are described with Ecore notations in Figure 1. Their meanings are more detailed in the following paragraphs.…”

Section: Pattern Specification Metamodel (Sepm)mentioning

confidence: 99%

“…These statements captures the semantics of an RSA encryption and allows to conclude that S trusts in the confidentiality of the shared secrets derived from the SSL handshake and yields that indeed property P-DS holds. For more details, the complete proof was introduced in [11]. In our case, we introduce the genM ac and verif yM ac actions and their temporal dependency precedeGenM acV erif yM ac, as illustrated by Figure 3 (lines 3, 4 and 8).…”

Section: Domain Specific Pattern Model (Dspm)mentioning

confidence: 99%

A Modeling and Formal Approach for the Precise Specification of Security Patterns

Hamid

Percebois

2014

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract. Non-functional requirements such as Security and Dependability (S &D) become more important as well as more difficult to achieve. In fact, the integration of security features requires the availability of both application domain specific knowledge and security expertise at the same time. Hence, capturing and providing this expertise by the way of security patterns can support the integration of S&D features by design to foster reuse during the process of software system development.The solution envisaged here is based on combining metamodeling techniques and formal methods to represent security pattern at two levels of abstraction fostering reuse during the process of pattern development and during the process of pattern-based development. The contribution of this work is twofold: (1) An improvement of our previous pattern modeling language for representing security pattern in the form of a subsystem providing appropriate interfaces and targeting security properties, (2) Formal specification and validation of pattern properties, using the interactive Isabelle/HOL proof assistant. The resulting validation artifacts may mainly complete the definitions, and provide semantics for the interfaces and the properties in the context of S&D. As a result, validated patterns will be used as bricks to build applications through a Model-Driven engineering approach.Keywords: Pattern, Metamodel, Domain, Formalization, Model-Driven engineering, Security. IntroductionRecent times have seen a paradigm shift in terms of design by combining multiple software engineering paradigms, namely, Model-Driven Engineering (MDE) [20] and formal methods [25]. Such a paradigm shift is changing the way systems are developed nowadays, reducing development time significantly. Embedded systems [26] are a case where a range of development approaches have been proposed. The most popular are those using models as main artifacts to be constructed and maintained. In these approaches, software development consists of model specification and transformations. In addition to MDE, pattern-based development has gained more attention recently in software engineering by addressing new challenges that were not targeted in the past. In fact, they are applied in modern software architecture for distributed systems including middlewares, real-time embedded systems, and recently in security and dependability engineering.Unfortunately, most of security patterns are expressed as informal indications on how to solve some security problems, using template like traditional patterns [1,6]. These patterns do not include sufficient semantic descriptions, including those of security and dependability concepts, for automated processing within a tool-supported development and to extend their use. Furthermore, due to manual pattern implementation, the problem of incorrect implementation (the most important source of security problems) remains unsolved. For that, model driven software engineering can provide a solid basis for formulating design patterns that can incorp...

show abstract

“…Now, we briefly describe the modeling languages used to specify these artifacts. For more details, the reader is referred to [21] and [9] for property modeling language and for pattern modeling language, respectively.…”

Section: An Sandd Pattern Repositorymentioning

confidence: 99%

“…The System and Software Engineering Pattern Metamodel (SEPM) [9] is a metamodel defining a new formalism for describing S&D patterns, and constitutes the base of our pattern modeling language. Here we consider patterns as sub-systems that expose services (via interfaces) and manage S&D and Resource properties (via features) yielding a unified way to capture meta-information related to a pattern and its context of use.…”

Section: Pattern Specification Metamodelmentioning

confidence: 99%

A Model-Driven Methodology Approach for Developing a Repository of Models

Hamid¹

2014

Model and Data Engineering

Self Cite

View full text Add to dashboard Cite

Abstract. To cope with the growing complexity of embedded system design, several development approaches have been proposed. The most popular are those using models as main artifacts to be constructed and maintained. The wanted role of models is to ease, systematize and standardize the approach of the construction of software-based systems. In order to enforce reuse and to interconnect the process of models' specification and the system development with models, we promote a model-based approach coupled with a repository of models. In this paper, we propose a Model-Driven Engineering methodological approach for the development of a repository of models and an operational architecture for development tools. In particular, we show the feasibility of our own approach by reporting some preliminary prototype providing a model-based repository of security and dependability (S&D) pattern models.

show abstract

Enforcing S&D Pattern Design in RCES with Modeling and Formal Approaches

Cited by 20 publications

References 28 publications

A Model Repository Description Language - MRDL

A Model Repository Description Language - MRDL

A Modeling and Formal Approach for the Precise Specification of Security Patterns

A Model-Driven Methodology Approach for Developing a Repository of Models

Contact Info

Product

Resources

About