Security-aware Modeling and Analysis for HW/SW Partitioning
@inproceedings{Li2017SecurityawareMA, title={Security-aware Modeling and Analysis for HW/SW Partitioning}, author={Letitia W. Li and Florian Lugou and Ludovic Apvrille}, booktitle={International Conference on Model-Driven Engineering and Software Development}, year={2017} }
The rising wave of attacks on communicating embedded systems has exposed their users to risks of information theft, monetary damage, and personal injury. Through improved modeling and analysis of security, we propose that these flaws could be mitigated. Since HW/SW partitioning, one of the first phases, impacts future integration of security into the system, this phase would benefit from supporting modeling security abstractions and security properties, providing designers with useful…
15 Citations
Security Modeling for Embedded System Design
- Computer Science, GraMSec@CSF
- 2017
This paper presents how the SysML-Sec Methodology has been enhanced for the evolving graphical modeling of security through the three stages of the authors' embedded system design methodology: Analysis, HW/SW Partitioning, and Software Analysis.
A systematic literature review of model-driven security engineering for cyber–physical systems
- Computer Science
- 2020
It is found that model-driven security is a relevant research area but most approaches focus only on specific security properties and even for CPS-specific approaches the platform is only rarely taken into account.
A systematic literature review of model-driven security engineering for cyber-physical systems
- Computer Science, J. Syst. Softw.
- 2020
Safe and secure model-driven design for embedded systems
- Computer Science
- 2018
This thesis proposes a modeling-based methodology for safe and secure design, based on the SysML-Sec Methodology, which involve new modeling and verification methods.
Security Driven Design Space Exploration for Embedded Systems
- Computer Science, 2019 Forum for Specification and Design Languages (FDL)
- 2019
This paper introduces a novel DSE framework that allows the consideration of security constraints, in the form of attack scenarios, and attack mitigations, in the form of security tasks, based on the system's functionality and architecture, possible attacks, and known mitigation techniques.
Towards an Automated Exploration of Secure IoT/CPS Design-Variants
- Computer Science, SAFECOMP
- 2020
A framework is demonstrated that lets designers model security constraints from the viewpoint of potential attackers and assess both the probability of successful security attacks and the resulting security risk.
A Design Exploration Framework for Secure IoT-Systems
- Computer Science, 2020 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA)
- 2020
A security attack based design space exploration framework, capable of finding the optimal design for an IoT system, based on its architectural, behavioral, and security attack description, is introduced.
Design Space Exploration for Secure IoT Devices and Cyber-Physical Systems
- Computer Science, ACM Trans. Embed. Comput. Syst.
- 2021
This article introduces a novel DSE framework that allows the consideration of security constraints, in the form of attack scenarios, and attack mitigations, in the form of security tasks, and finds the optimal design for a secure IoT device or CPS.
Impact of Security Measures on Performance Aspects in SysML Models
- Computer Science, MODELSWARD
- 2020
The trade-off between security and performance is tackled with a new model-based method that can automatically assess the impact of security measures on performance.
Formal and Virtual Multi-level Design Space Exploration
- Computer Science, MODELSWARD
- 2017
This chapter introduces the model-based engineering process with the supporting toolkit TTool, with two main design stages occurring at a different level of abstraction.
References
SHOWING 1-10 OF 27 REFERENCES
SysML-Sec: A model driven approach for designing safe and secure systems
- Computer Science, 2015 3rd International Conference on Model-Driven Engineering and Software Development (MODELSWARD)
- 2015
The whole methodology of SysML-Sec is illustrated with the evaluation of a security mechanism added to an existing automotive system, including its partitioning stage, during which safety-related and security-related functions are explored jointly and iteratively with regard to requirements and attacks.
SysML models and model transformation for security
- Computer Science, 2016 4th International Conference on Model-Driven Engineering and Software Development (MODELSWARD)
- 2016
Novel SysML block and state machine diagrams are enhanced to better capture security features, and a model-to-ProVerif transformation demonstrates the soundness of the approach on a complex asymmetric key distribution protocol.
Model-Based Verification of Security and Non-Functional Behavior using AADL
- Computer Science, IEEE S&P 2016
- 2016
This work describes how model-based development using the Architecture Analysis and Design Language (AADL) and compatible analysis tools provides the platform for multi-dimensional, multi-fidelity analysis and verification.
Architectural Modeling to Verify Security and Nonfunctional Behavior
- Computer Science, IEEE Security & Privacy
- 2010
The Architecture Analysis and Design Language (AADL) provides a platform for multidimensional model analysis and verification and a single-source system model annotated with analysis-specific information can reflect architectural changes with little additional effort.
A first step towards formal verification of security policy properties for RBAC
- Computer Science, Mathematics, Fourth International Conference on Quality Software, 2004. QSIC 2004. Proceedings.
- 2004
The paper presents an example of an RBAC security policy having the dual control property, proved in a first-order linear temporal logic (LTL) that the authors have embedded in the theorem prover Isabelle/HOL.
AVATAR: A SysML Environment for the Formal Verification of Safety and Security Properties
- Computer Science, 2011 11th Annual International Conference on New Technologies of Distributed Systems
- 2011
A SysML-based environment named AVATAR is introduced, which can capture both safety and security related elements in the same SysML model, and is highlighted with a realistic embedded automotive system taken from an ongoing joint project of academia and industry called EVITA.
Formal verification of security protocol implementations: a survey
- Computer Science, Formal Aspects of Computing
- 2012
This paper surveys techniques that bring automated formal proofs closer to real implementations of security protocols, focusing on approaches that target the application code that implements protocol logic, rather than the libraries that implement cryptography.
Quantifying Risks to Data Assets Using Formal Metrics in Embedded System Design
- Computer Science, SAFECOMP
- 2015
This paper considers attack and system behaviours as two separate models that are later elegantly combined for security analysis, and proposes likelihood/consequence-based measures of confidentiality and integrity losses to characterise security risks to data assets.
UMLsec: Extending UML for Secure Systems Development
- Computer Science, UML
- 2002
This work presents the extension UMLsec of UML, which allows security-relevant information to be expressed within the diagrams of a system specification, and gives criteria to evaluate the security aspects of a system design by referring to a formal semantics of a simplified UML.
SecureUML: A UML-Based Modeling Language for Model-Driven Security
- Computer Science, UML
- 2002
The approach is based on role-based access control with additional support for specifying authorization constraints and can be used to improve productivity during the development of secure distributed systems and the quality of the resulting systems.