Extending LSCs for Behavioral Signature Modeling

  • Sven Patzina
  • Lars Patzina
  • Andy Schürr
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 354)


Driven by technical innovation, embedded systems are becoming increasingly interconnected and have to be secured against failures and threats from the outside world. For this purpose, we have defined an integrated model-based development process for security monitors which requires an expressive, formally well-defined, and easy to learn behavioral signature language. In this paper, we demonstrate that Live Sequence Charts (LSCs) are adequate for the specification of behavioral signatures. To satisfy all requirements and enable compact modeling, we extend LSCs by concepts that fit well to the spirit of LSCs.


Policy Language Behavioral Signature Computation Tree Logic Misuse Case Signature Language 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Damm, W., Harel, D.: LSCs: Breathing Life into Message Sequence Charts. Formal Methods in System Design 19(1), 45–80 (2001)zbMATHCrossRefGoogle Scholar
  2. 2.
    Giarratano, J., Riley, G.: Expert Systems: Principles and Programming, 3rd edn. Course Technology (1998)Google Scholar
  3. 3.
    Groll, A., Ruland, C.: Secure and Authentic Communication on Existing In-Vehicle Networks. In: Proc. of IEEE IV 2009, pp. 1093–1097 (2009)Google Scholar
  4. 4.
    Harel, D., Maoz, S., Segall, I.: Some Results on the Expressive Power and Complexity of LSCs. In: Avron, A., Dershowitz, N., Rabinovich, A. (eds.) Pillars of Computer Science. LNCS, vol. 4800, pp. 351–366. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  5. 5.
    Hussein, M., Zulkernine, M.: UMLintr: A UML Profile for Specifying Intrusions. In: 13th Annual IEEE International Symposium and Workshop on Engineering of Computer Based Systems, ECBS 2006, pp. 8–288. IEEE, Los Alamitos (2006)Google Scholar
  6. 6.
    Jürjens, J.: UMLsec: Extending UML for Secure Systems Development. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 412–425. Springer, Heidelberg (2002)Google Scholar
  7. 7.
    Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., et al.: Experimental Security Analysis of a Modern Automobile. In: 2010 IEEE Symposium on Security and Privacy (SP), pp. 447–462. IEEE, Los Alamitos (2010)CrossRefGoogle Scholar
  8. 8.
    Kumar, S.: Classification and Detection of Computer Intrusions. Ph.D. thesis, Purdue University (1995)Google Scholar
  9. 9.
    Lindqvist, U., Porras, P.: Detecting Computer and Network Misuse through the Production-based Expert System Toolset (P-BEST). In: Proceedings of the 1999 IEEE Symposium on Security and Privacy, 1999, pp. 146–161. IEEE, Los Alamitos (2002)Google Scholar
  10. 10.
    Lodderstedt, T., Basin, D., Doser, J.: SecureUML: A UML-Based Modeling Language for Model-Driven Security. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 426–441. Springer, Heidelberg (2002)Google Scholar
  11. 11.
    Massacci, F., Naliuka, K.: Towards Practical Security Monitors of UML Policies for Mobile Applications. In: Proc. of IEEE POLICY 2007, pp. 278 (2007)Google Scholar
  12. 12.
    Papadimitratos, P., Buttyan, L., et al.: Secure Vehicular Communication Systems: Design and Architecture. IEEE Commun. Mag. 46(11), 100–109 (2008)CrossRefGoogle Scholar
  13. 13.
    Patzina, L., Patzina, S., Piper, T., Schürr, A.: Monitor Petri Nets for Security Monitoring. In: Proc. of S&D4RCES (2010)Google Scholar
  14. 14.
    Schmerl, S.: Entwurf und Entwicklung einer effizienten Analyseeinheit für Intrusion-Detection-Systeme. Diplomarbeit, Lehrstuhl Rechnernetze, BTU Cottbus (2004)Google Scholar
  15. 15.
    Sindre, G., Opdahl, A.L.: Capturing Security Requirments through Misuse Cases. In: NIK 2001 (2001),
  16. 16.
    Sloman, M., Lupu, E.: Security and Management Policy Specification. IEEE Network 16(2), 10–19 (2002)CrossRefGoogle Scholar
  17. 17.
    Smith, S., Beaulieu, A., Phillips, W.G.: Modeling Security Protocols Using UML 2. In: Workshop – Modeling Security 2008 (2008)Google Scholar
  18. 18.
    Solhaug, B., Elgesem, D., et al.: Specifying Policies Using UML Sequence Diagrams–An Evaluation Based on a Case Study. In: Proc. of IEEE POLICY 2007, pp. 19–28 (2007)Google Scholar
  19. 19.
    Vigna, G., Eckmann, S., Kemmerer, R.: The STAT Tool Suite. In: Proc. of DISCEX 2000, DARPA Information Survivability Conference and Exposition, 2000, vol. 2, pp. 46–55. IEEE, Los Alamitos (2002)CrossRefGoogle Scholar
  20. 20.
    Westphal, B., Toben, T.: The Good, the Bad and the Ugly: Well-Formedness of Live Sequence Charts. In: Baresi, L., Heckel, R. (eds.) FASE 2006. LNCS, vol. 3922, pp. 230–246. Springer, Heidelberg (2006)CrossRefGoogle Scholar

Copyright information

© IFIP International Federation for Information Processing 2011

Authors and Affiliations

  • Sven Patzina
    • 1
  • Lars Patzina
    • 2
  • Andy Schürr
    • 1
  1. 1.Real-time Systems LabTU DarmstadtDarmstadtGermany
  2. 2.Center for Advanced Security Research Darmstadt (CASED)Germany

Personalised recommendations