Automated Verification of UMLsec Models for Security Requirements
For model-based development to be a success in practice, it needs to have a convincing added-value associated with its use. Our goal is to provide such added-value by developing tool-support for the analysis of UML models against difficult system requirements. Towards this goal, we describe a UML ve...
Gespeichert in:
Hauptverfasser: | , |
---|---|
Format: | Tagungsbericht |
Sprache: | eng |
Schlagworte: | |
Online-Zugang: | Volltext |
Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
Zusammenfassung: | For model-based development to be a success in practice, it needs to have a convincing added-value associated with its use. Our goal is to provide such added-value by developing tool-support for the analysis of UML models against difficult system requirements. Towards this goal, we describe a UML verification framework supporting the construction of automated requirements analysis tools for UML diagrams. The framework is connected to industrial CASE tools using XMI and allows convenient access to this data and to the human user.
As a particular example for usage of this framework, we present verification routines for verifying models of the security extension UMLsec of UML. These plug-ins should not only contribute towards usage of UMLsec in practice by offering automated analysis routines connected to popular CASE tools. The verification framework should also allow advanced users of the UMLsec approach to themselves implement verification routines for the constraints of self-defined stereotypes, in a way that allows them to concentrate on the verification logic. In particular, we focus on an analysis plug-in that utilises the model-checker Spin to verify security properties of UMLsec models which make use of cryptography (such as cryptographic protocols). |
---|---|
ISSN: | 0302-9743 1611-3349 |
DOI: | 10.1007/978-3-540-30187-5_26 |