SysML Models and Model Transformation for Security

Florian Lugou, Florian Lugou, Letitia W. Li, Letitia W. Li, Ludovic Apvrille, Ludovic Apvrille, Rabéa Ameur-Boulifa, Rabéa Ameur-Boulifa


The security flaws of embedded systems have become very valuable targets for cyber criminals. SysML-Sec has been introduced to target the security of these systems during their development stages. However, assessing resistance to attacks during these stages requires efficiently capturing the system’s behavior and formally proving security properties from those behaviors. This paper thus proposes (i) novel SysML block and state machine diagrams enhanced to better capture security features, and (ii) a model-to-Proverif transformation. ProVerif is a toolkit first released for the formal analysis of security protocol, but it can be used more generally to assess confidentiality and authenticity properties. This paper demonstrates the soundness of our approach using a complex asymmetric key distribution protocol.


  1. Ali, Y., El-Kassas, S., and Mahmoud, M. (2009). A rigorous methodology for security architecture modeling and verification. In Proceedings of the 42nd Hawaii International Conference on System Sciences, volume 978-0-7695-3450-3/09. IEEE.
  2. Apvrille, A. (2015). Geek usages for your fitbit flex tracker, luxemburg, october 2015. Slides at
  3. Apvrille, L. (2003). TTool.
  4. Apvrille, L. and Roudier, Y. (2015). SysML-Sec: A model driven approach for designing safe and secure systems. In 3rd International Conference on ModelDriven Engineering and Software Development, Special session on Security and Privacy in Model Based Engineering, France. SCITEPRESS Digital Library.
  5. Assolini, F. (2012). The Tale of One Thousand and One DSL Modems, kaspersky lab.
  6. Bengtsson, J. and Yi., W. (2004). Timed automata: Semantics, algorithms and tools. In Lecture Notes on Concurrency and Petri Nets, pages 87-124. W. Reisig and G. Rozenberg (eds.), LNCS 3098, Springer-Verlag.
  7. Blanchet, B. (2009). Automatic Verification of Correspondences for Security Protocols. Journal of Computer Security, 17(4):363-434.
  8. Drouineaud, M., Bortin, M., Torrini, P., and Sohr, K. (2004). A first step towards formal verification of security policy properties for rbac. In QSIC'04, pages 60-67, Washington, DC, USA.
  9. Durgin, N., Lincoln, P., Mitchell, J., and Scedrov, A. (2004). Multiset rewriting and the complexity of bounded security protocols. J. Comput. Secur., 12(2):247-311.
  10. Hoppe, T., Kiltz, S., and Dittmann, J. (2011). Security Threats to Automotive CAN Networks - Practical Examples and Selected Short-Term Countermeasures. Rel. Eng. & Sys. Safety, 96(1):11-25.
  11. ICS-CERT (2015). Hospira lifecare pca infusion system vulnerabilities, advisory (icsa-15-125-01b). 01B.
  12. J ürjens, J. (2007). Developing secure embedded systems: Pitfalls and how to avoid them. In 29th International Conference on Software Engineering (ICSE 2007), pages 182-183. ACM.
  13. Kelling, E., Friedewald, M., Leimbach, T., Menzel, M., Säger, P., Seudié, H., and Weyl, B. (2009). Specification and Evaluation of e-Security Relevant Use cases. Technical Report Deliverable D2.1, EVITA Project.
  14. Ma n˜a, A. and Pujol, G. (2008). Towards formal specification of abstract security properties. In The Third International Conference on Availability, Reliability and Security, volume 0-7695-3102-4/08. IEEE.
  15. Maslennikov, D. (2010). Russian cybercriminals on the move: profiting from mobile malware. In The 20th Virus Bulletin Internation Conference, pages 84-89, Vancouver, Canada.
  16. Maynor, D. (2006). Scada security and terrorism: We're not crying wolf! In Invited presentation at BlackHat BH 2006. Presentation available at:, USA.
  17. Shen, G., Li, X., Feng, R., Xu, G., Hu, J., and Feng, Z. (2014). An extended uml method for the verification of security protocols. In Engineering of Complex Computer Systems (ICECCS), 2014 19th International Conference on, pages 19-28.
  18. Toussaint, M. J. (1993). A New Method for Analyzing the Security of Cryptographic Protocols. In Journal on Selected Areas in Communications, volume 11, No. 5. IEEE.
  19. Trcek, D. and Blazic, B. J. (1995). Formal language for security services base modelling and analysis. In Elsevier Science Journal, Computer Communications, volume Vol. 18, No. 12. Elsevier Science.

Paper Citation

in Harvard Style

Lugou F., Li L., Apvrille L. and Ameur-Boulifa R. (2016). SysML Models and Model Transformation for Security . In Proceedings of the 4th International Conference on Model-Driven Engineering and Software Development - Volume 1: MODELSWARD, ISBN 978-989-758-168-7, pages 331-338. DOI: 10.5220/0005748703310338

in Bibtex Style

author={Florian Lugou and Letitia W. Li and Ludovic Apvrille and Rabéa Ameur-Boulifa},
title={SysML Models and Model Transformation for Security},
booktitle={Proceedings of the 4th International Conference on Model-Driven Engineering and Software Development - Volume 1: MODELSWARD,},

in EndNote Style

JO - Proceedings of the 4th International Conference on Model-Driven Engineering and Software Development - Volume 1: MODELSWARD,
TI - SysML Models and Model Transformation for Security
SN - 978-989-758-168-7
AU - Lugou F.
AU - Li L.
AU - Apvrille L.
AU - Ameur-Boulifa R.
PY - 2016
SP - 331
EP - 338
DO - 10.5220/0005748703310338