SysML Models and Model Transformation for Security

Cited by: 0
Authors
Lugou, Florian [1]
Li, Letitia W. [1]
Apvrille, Ludovic [1]
Ameur-Boulifa, Rabea [1]
Affiliation
[1] Univ Paris Saclay, CNRS, Telecom ParisTech, LTCI, Campus SophiaTech, 450 Route Chappes, F-06410 Sophia Antipolis, France
Source
PROCEEDINGS OF THE 4TH INTERNATIONAL CONFERENCE ON MODEL-DRIVEN ENGINEERING AND SOFTWARE DEVELOPMENT (MODELSWARD 2016) | 2016
Keywords
SysML-Sec; Security; Model-driven Engineering; Model Transformation; ProVerif; TTool;
DOI
Not available
CLC classification
TP31 [Computer software];
Discipline code
081202; 0835;
Abstract
Security flaws in embedded systems have become very valuable targets for cyber criminals. SysML-Sec was introduced to address the security of these systems during their development stages. However, assessing resistance to attacks during these stages requires efficiently capturing the system's behavior and formally proving security properties over that behavior. This paper therefore proposes (i) novel SysML block and state machine diagrams enhanced to better capture security features, and (ii) a model-to-ProVerif transformation. ProVerif is a toolkit first released for the formal analysis of security protocols, but it can be used more generally to assess confidentiality and authenticity properties. This paper demonstrates the soundness of our approach using a complex asymmetric key distribution protocol.
Pages: 331-338
Page count: 8
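To make concrete what the abstract means by assessing "confidentiality and authenticity properties" in ProVerif, the following is an added, hand-written ProVerif model in the style of the tool's typed applied pi-calculus input. It is not the paper's generated output and does not reproduce the paper's key distribution protocol: the two-block toy protocol, the block names (Sender, Receiver), the events (sent, received) and the secret are all assumptions chosen to show the two query shapes a SysML-Sec-to-ProVerif transformation would have to emit: a secrecy query (`attacker(...)`) and a correspondence query (`event ... ==> event ...`).

```proverif
(* Added illustration, not the paper's generated output.
   Toy protocol, block names, events and the secret are assumptions. *)

(* Public network channel, fully controlled by the Dolev-Yao attacker *)
free c: channel.

(* Symmetric encryption as a constructor/destructor pair *)
type key.
fun senc(bitstring, key): bitstring.
reduc forall m: bitstring, k: key; sdec(senc(m, k), k) = m.

(* The value whose confidentiality we want to prove; private keeps it
   out of the attacker's initial knowledge *)
free secret: bitstring [private].

(* Events used to express authenticity as a correspondence *)
event sent(bitstring).
event received(bitstring).

(* Confidentiality query: can the attacker derive `secret`? *)
query attacker(secret).

(* Authenticity query: every value the receiver accepts was previously
   sent by the legitimate sender (non-injective correspondence) *)
query m: bitstring; event(received(m)) ==> event(sent(m)).

(* Sender block: record the send, then emit the secret under the shared key *)
let Sender(k: key) =
  event sent(secret);
  out(c, senc(secret, k)).

(* Receiver block: read from the network, decrypt, record what was accepted.
   If sdec fails (wrong key or malformed input) the process simply stops. *)
let Receiver(k: key) =
  in(c, x: bitstring);
  let m = sdec(x, k) in
  event received(m).

(* Main process: one fresh shared key, unboundedly many sessions of each block *)
process
  new k: key;
  ( !Sender(k) | !Receiver(k) )
```

Run with `proverif <file>.pv`. On this toy model both queries are expected to hold: the attacker only ever sees `senc(secret, k)` and never `k`, and the receiver can only decrypt a ciphertext the sender produced. Replacing the second query by its injective form (`inj-event(received(m)) ==> inj-event(sent(m))`) would be expected to fail, because the attacker can replay one ciphertext to many receiver sessions; this replay/freshness distinction is exactly the kind of state-machine detail a model transformation must carry over faithfully rather than abstract away.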