Model-Driven Architecture Based Security Analysis - ETIS, équipe ICI Accéder directement au contenu
Article Dans Une Revue Systems Engineering Année : 2021

Model-Driven Architecture Based Security Analysis

Résumé

This paper proposes a Model-Driven Architecture approach for the development of an embedded system validation platform namely Model-Based Security Analysis for Embedded Systems (MBSAES). The security properties are formally modeled and verified at an early stage of the design process of the system, which helps to reduce late errors and development time. A separation of the attack scenarios and the system design from the implementation details has been respected. To transform semi-formal models from SysML to NuSVM model checking platform, two Model-to-Text, horizontal and exogenous transformations have been implemented. The first one employs a programming approach with Java to create a Computational Tree Logic specification from an Extended Attack Tree, whereas the second one uses a template approach with Acceleo to generate NuSMV code from SysML structural and behavioral models. To illustrate our approach, a case study, involving attacks aiming to unlock car door systems, via signal jamming and code replaying, is considered. The results of this research will contribute to the automatic validation of system designs against security vulnerabilities via a database of extended attack trees building from existing atomic attacks.
Fichier principal
Vignette du fichier
MDASystemsEngineeringJournal.pdf (787.48 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)

Dates et versions

hal-03216460 , version 1 (04-05-2021)

Identifiants

Citer

Saoussen Mili, Nga Thi Viet Nguyen, Rachid Chelouah. Model-Driven Architecture Based Security Analysis. Systems Engineering, 2021, 24 (5), pp.307-321. ⟨10.1002/sys.21581⟩. ⟨hal-03216460⟩
80 Consultations
250 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More