Alloy is a formal language, which has been applied to modelling of systems in a wide range of application domains. It is supported by Alloy Analyzer, a tool, which allows fully automated analysis. As a result, creating Alloy code from a UML model provides the opportunity to exploit analysis capabilities of the Alloy Analyzer to discover possible design…
The Unified Modeling Language (UML) is the de facto language used in the industry for software specifications. Once an application has been formally specified, Model Driven Architecture (MDA) techniques can be applied to generate code from such specifications. Since implementing a system based on a faulty design requires additional cost and effort, it is…
Alloy is a textual language developed by Daniel Jackson and his team at MIT. It is a formal language, which has a succinct syntax and allows specification and automatic analysis of a wide variety of systems. On the other hand, the Unified Modelling Language (UML) is a semi-formal language, which is accepted by the software engineering community as the…
The concept of model transformations is central to the domain of Model Driven Engineering (MDE). A model transformation automates the translation of models between a source and a target language. In order to reason about the correctness of the translation it is important to be able to analyse model transformations. A model transformation specification can…
We propose a methodology, based on Aspect-Oriented Modeling (AOM), for incorporating security mechanisms in an application. The functionality of the application is described using the primary model and the attacks are specified using aspects. The attack aspect is composed with the primary model to obtain the misuse model. The misuse model describes how much…
Traditional access control models, such as Role-Based Access Control (RBAC), do not take into account contextual information, such as location and time, for making access decisions. Consequently, they are inadequate for specifying the access control needs of many complex real-world applications, such as the Dengue Decision Support (DDS) that we discuss in…
Model Transformations can be used to bridge the gap between design and analysis technical spaces by creating tools that allow a model produced by a designer to be transformed to a model suitable for conducting automated analysis. Such model transformations aim at allowing the designer to benefit from the capabilities provided by analysis tools and…
Designing secure systems is a nontrivial task. Incomplete or faulty designs can cause security mechanisms to be incorrectly incorporated in a system, allowing them to be bypassed and resulting in a security breach. We advocate the use of the Aspect-Oriented Risk-Driven Development (AORDD) methodology for developing secure systems. This methodology begins…