• DocumentCode
    1831477
  • Title

    An Approach to Model-based Development of Secure and Reliable Systems

  • Author

    Fernandez, Eduardo B. ; Washizaki, Hironori ; Yoshioka, Nobukazu ; VanHilst, Michael

  • Author_Institution
    Dept. of Comput. Sci. & Eng., Florida Atlantic Univ., Boca Raton, FL, USA
  • fYear
    2011
  • fDate
    22-26 Aug. 2011
  • Firstpage
    260
  • Lastpage
    265
  • Abstract
    A good way to obtain secure systems is to build applications in a systematic way where security is an integral part of the lifecycle. The same applies to reliability. If we want a system which is secure and reliable, both security and reliability must be built together. If we build not only applications but also middleware and operating systems in the same way, we can build systems that not only are inherently secure but also can withstand attacks from malicious applications and resist errors. In addition, all security and reliability constraints should be defined in the application level, where their semantics is understood and propagated to the lower levels. The lower levels provide the assurance that the constraints are being followed. In this approach all security constraints are defined at the conceptual or application level. The lower levels just enforce that there are no ways to bypass these constraints. By mapping to a highly secure platform, e.g., one using capabilities, we can produce a very secure system. Our approach is based on security patterns that are mapped through the architectural levels of the system. We make a case for this approach and we present here three aspects to further develop it. These aspects include a metamodel for security requirements, a mapping of models across architectural levels, and considerations about the degree of security of the system.
  • Keywords
    security of data; software reliability; model-based development; reliability constraint; reliable systems; secure systems; security constraint; security requirements; Analytical models; Authorization; Object oriented modeling; Operating systems; Reliability; Unified modeling language;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Availability, Reliability and Security (ARES), 2011 Sixth International Conference on
  • Conference_Location
    Vienna
  • Print_ISBN
    978-1-4577-0979-1
  • Electronic_ISBN
    978-0-7695-4485-4
  • Type

    conf

  • DOI
    10.1109/ARES.2011.45
  • Filename
    6045948