15 Years of Model-Based Security Engineering with UML - Supporting Secure Evolution

Jan Jürjens

2016

Abstract

Security certification of complex systems requires a high amount of effort. As a particular challenge, today's systems are increasingly long-living and subject to continuous change. After each change of some part of the system, the whole system needs to be re-certified from scratch (since security properties are not in general modular), which is usually far too much effort. There has been recent work to address this challenge in the context of a line of work which develops approaches and tools for Model-based Security Engineering, making use of established modeling notations such as the Unified Modeling Language (UML). From that work, this talk presents a tool-supported approach for security certification that minimizes the amount of effort necessary in the case of re-certification after change. It is based on results that determine under which conditions change preserves security properties (for example in the context of structuring techniques such as refinement or architectural principles such as modularization). The approach supports an automated difference-based security analysis, at the level of design models as well as the implementation code (using static security analysis or run-time verification). It has been applied e.g. to cryptographic protocols, distributed security infrastructures, and identity management systems, and there are empirical results comparing it to classical techniques for security certification. In the outlook, we briefly present current research directions, such as applying the approach to the security certification of the Industrial Data Space (currently in development by Fraunhofer and a consortium of more than 20 companies, see http://www.industrialdataspace.org/en).


Paper Citation


in Harvard Style

Jürjens J. (2016). 15 Years of Model-Based Security Engineering with UML - Supporting Secure Evolution. In Proceedings of the Sixth International Symposium on Business Modeling and Software Design - Volume 1: BMSD, ISBN 978-989-758-190-8, pages 5-6. DOI: 10.5220/0006221500050006


in Bibtex Style

@conference{bmsd16,
author={Jan Jürjens},
title={15 Years of Model-Based Security Engineering with UML - Supporting Secure Evolution},
booktitle={Proceedings of the Sixth International Symposium on Business Modeling and Software Design - Volume 1: BMSD},
year={2016},
pages={5-6},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006221500050006},
isbn={978-989-758-190-8},
}


in EndNote Style

TY - CONF
JO - Proceedings of the Sixth International Symposium on Business Modeling and Software Design - Volume 1: BMSD
TI - 15 Years of Model-Based Security Engineering with UML - Supporting Secure Evolution
SN - 978-989-758-190-8
AU - Jürjens J.
PY - 2016
SP - 5
EP - 6
DO - 10.5220/0006221500050006