Towards Language Support for Model-based Security Policy Engineering

Peter Amthor, Marius Schlegel


Software engineering for security-critical systems is based on manual translations between languages from different domains: an informal security policy is translated to a formally verifiable model, and further to actual source code. This is an error-prone task, put at the risk of losing hard-acquired correctness guarantees. To mitigate this problem, we argue for a methodical support by domain-specific languages and tools. We present ongoing work on two languages that substantiate this thesis, including their usage in a practical setting, and discuss the benefits from combining them with appropriate tool support.


Paper Citation