Premium
Model‐driven architecture based security analysis
Author(s) -
Mili Saoussen,
Nguyen Nga,
Chelouah Rachid
Publication year - 2021
Publication title -
systems engineering
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.474
H-Index - 50
eISSN - 1520-6858
pISSN - 1098-1241
DOI - 10.1002/sys.21581
Subject(s) - computer science , systems modeling language , model checking , java , process (computing) , code (set theory) , code generation , software engineering , programming language , unified modeling language , distributed computing , embedded system , computer security , software , set (abstract data type) , key (lock)
This paper proposes a Model‐Driven Architecture approach for the development of an embedded system validation platform namely Model‐Based Security Analysis for Embedded Systems (MBSAES). The security properties are formally modeled and verified at an early stage of the design process of the system, which helps to reduce late errors and development time. A separation of the attack scenarios and the system design from the implementation details has been respected. To transform semi‐formal models from SysML to NuSVM model checking platform, two Model‐to‐Text, horizontal and exogenous transformations have been implemented. The first one employs a programming approach with Java to create a Computational Tree Logic specification from an Extended Attack Tree, whereas the second one uses a template approach with Acceleo to generate NuSMV code from SysML structural and behavioral models. To illustrate our approach, a case study, involving attacks aiming to unlock car door systems, via signal jamming and code replaying, is considered. The results of this research will contribute to the automatic validation of system designs against security vulnerabilities via a database of extended attack trees building from existing atomic attacks.