ADDRESSING SECURITY REQUIREMENTS THROUGH MULTI-FORMALISM MODELLING AND MODEL TRANSFORMATION

Miriam Zia, Ernesto Posse, Hans Vangheluwe

2007

Abstract

Model-based approaches are increasingly used in all stages of complex systems design. In this paper, we use multi-formalism modelling and model transformation to address security requirements. Our methodology supports the verification of security properties using the model checker FDR2 on CSP (Communicating Sequential Processes) models. This low-level constraint checking is performed through model refinements, from a behavioural description of a system in the Statecharts formalism. The contribution of this paper lies in the combination of various formalisms and transformations between them. In particular, mapping Statecharts onto CSP models allows for combination of the deterministic system model with non-deterministic models of a system’s environment (including, for example, possible user attacks). The combination of system and environment models is used for model checking. To bridge the gap between these Statechart and CSP models, we introduce kiltera, an intermediate language that defines the system in terms of interacting processes. kiltera allows for simulation, real-time execution, as well as translation into CSP models. An e-Health application is used to demonstrate our approach.

Paper Citation


in Harvard Style

Zia M., Posse E. and Vangheluwe H. (2007). ADDRESSING SECURITY REQUIREMENTS THROUGH MULTI-FORMALISM MODELLING AND MODEL TRANSFORMATION. In Proceedings of the Second International Conference on Software and Data Technologies - Volume 2: ICSOFT, ISBN 978-989-8111-06-7, pages 129-137. DOI: 10.5220/0001347201290137

in Bibtex Style

@conference{icsoft07,
author={Miriam Zia and Ernesto Posse and Hans Vangheluwe},
title={ADDRESSING SECURITY REQUIREMENTS THROUGH MULTI-FORMALISM MODELLING AND MODEL TRANSFORMATION},
booktitle={Proceedings of the Second International Conference on Software and Data Technologies - Volume 2: ICSOFT},
year={2007},
pages={129-137},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001347201290137},
isbn={978-989-8111-06-7},
}


in EndNote Style

TY - CONF
JO - Proceedings of the Second International Conference on Software and Data Technologies - Volume 2: ICSOFT
TI - ADDRESSING SECURITY REQUIREMENTS THROUGH MULTI-FORMALISM MODELLING AND MODEL TRANSFORMATION
SN - 978-989-8111-06-7
AU - Zia M.
AU - Posse E.
AU - Vangheluwe H.
PY - 2007
SP - 129
EP - 137
DO - 10.5220/0001347201290137