Ecole d'ingénieur et centre de recherche en Sciences du numérique

SysML-Sec: A model driven approach for designing safe and secure systems

Apvrille, Ludovic; Roudier, Yves

MODELSWARD 2015, 3rd International Conference on Model-Driven Engineering and Software Development, Special session on Security and Privacy in Model Based Engineering, 9-11 February 2015, Angers, France

Security flaws are open doors to attack embedded systems and must be carefully assessed in order to determine threats to safety and security. Subsequently securing a system, that is, integrating security mechanisms into the system's architecture can itself impact the system's safety, for instance deadlines could be missed due to an increase in computations and communications latencies. SysML-Sec addresses these issues with a modeldriven approach that promotes the collaboration between system designers and security experts at all design and development stages, e.g., requirements, attacks, partitioning, design, and validation. A central point of SysML-Sec is its partitioning stage during which safety-related and security-related functions are explored jointly and iteratively with regards to requirements and attacks. Once partitioned, the system is designed in terms of system's functions and security mechanisms, and formally verified from both the safety and the security perspectives. Our paper illustrates the whole methodology with the evaluation of a security mechanism added to an existing automotive system.

Document Bibtex

Titre:SysML-Sec: A model driven approach for designing safe and secure systems
Mots Clés:Model-driven engineering, safety, security, SysML, embedded systems.
Type:Conférence
Langue:English
Ville:Angers
Pays:FRANCE
Date:
Département:Sécurité numérique
Eurecom ref:4734
Copyright: © 2015 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.
Bibtex: @inproceedings{EURECOM+4734, year = {2015}, title = {{S}ys{ML}-{S}ec: {A} model driven approach for designing safe and secure systems}, author = {{A}pvrille, {L}udovic and {R}oudier, {Y}ves}, booktitle = {{MODELSWARD} 2015, 3rd {I}nternational {C}onference on {M}odel-{D}riven {E}ngineering and {S}oftware {D}evelopment, {S}pecial session on {S}ecurity and {P}rivacy in {M}odel {B}ased {E}ngineering, 9-11 {F}ebruary 2015, {A}ngers, {F}rance}, address = {{A}ngers, {FRANCE}}, month = {02}, url = {http://www.eurecom.fr/publication/4734} }
Voir aussi: