Abstract
Developing security-critical systems is difficult and there are many well-known examples of security weaknesses exploited in practice. Thus a sound methodology supporting secure systems development is urgently needed.
Our aim is to aid the difficult task of developing security-critical systems in a formally based approach using the notation of the Unified Modeling Language. We present the extension UMLsec of UML that allows one to express security-relevant information within the diagrams in a system specification. UMLsec is defined in form of a UML profile using the standard UML extension mechanisms. In particular, the associated constraints give criteria to evaluate the security aspects of a system design, by referring to a formal semantics of a simplified fragment of UML. We explain how these constraints can be formally verified against the dynamic behavior of the specification using automated theorem provers for first-order logic. This formal security verification can also be extended to C code generated from the specifications.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Abadi, M.: Security protocols and their properties. In: Bauer, F.L., Steinbrüggen, R. (eds.) Foundations of Secure Computation, pp. 39–60. IOS Press, Amsterdam (2000); 20th International Summer School, Marktoberdorf, Germany
Abadi, M., Jürjens, J.: Formal eavesdropping and its computational interpretation. In: Kobayashi, N., Pierce, B.C. (eds.) TACS 2001. LNCS, vol. 2215, pp. 82–94. Springer, Heidelberg (2001)
Anderson, R.: Security Engineering: A Guide to Building Dependable Distributed Systems. John Wiley & Sons, New York (2001)
Dolev, D., Yao, A.: On the security of public key protocols. IEEE Transactions on Information Theory IT-29(2), 198–208 (1983)
Grünbauer, J., Hollmann, H., Jürjens, J., Wimmel, G.: Modelling and verification of layered security-protocols: A bank application. In: Anderson, S., Felici, M., Littlewood, B. (eds.) SAFECOMP 2003. LNCS, vol. 2788, pp. 116–129. Springer, Heidelberg (2003)
Goguen, J., Meseguer, J.: Security policies and security models. In: Symposium on Security and Privacy (S&P), pp. 11–20. IEEE Computer Society, Los Alamitos (1982)
Jürjens, J., Fernandez, E.B., France, R.B., Rumpe, B., Heitmeyer, C.: Critical systems development using modelling languages (CSDUML 2004): Current development and future challenges (report on the third international workshop). In: Jardim Nunes, N., Selic, B., Rodrigues da Silva, A., Toval Alvarez, A. (eds.) UML Satellite Activities 2004. LNCS, vol. 3297, pp. 76–84. Springer, Heidelberg (2005)
Jürjens, J., Houmb, S.H.: Dynamic secure aspect modeling with UML: From models to code. In: Briand, L.C., Williams, C. (eds.) MoDELS 2005. LNCS, vol. 3713, pp. 142–155. Springer, Heidelberg (2005)
Jürjens, J., Shabalin, P.: Automated verification of UMLsec models for security requirements. In: Jézéquel, J.-M., Hußmann, H., Cook, S. (eds.) UML 2004. LNCS, vol. 2460, pp. 412–425. Springer, Heidelberg (2004)
Jürjens, J., Shabalin, P.: Tools for secure systems development with UML: Security analysis with ATPs. In: Cerioli, M. (ed.) FASE 2005. LNCS, vol. 3442, pp. 305–309. Springer, Heidelberg (2005)
Jürjens, J.: Formal semantics for interacting UML subsystems. In: Jacobs, B., Rensink, A. (eds.) 5th International Conference on Formal Methods for Open Object-Based Distributed Systems (FMOODS 2002). International Federation for Information Processing (IFIP), pp. 29–44. Kluwer Academic Publishers, Dordrecht (2002)
Jürjens, J.: Secure Systems Development with UML. Springer, Heidelberg (2004)
Jürjens, J.: Sound methods and effective tools for model-based security engineering with UML. In: 27th International Conference on Software Engineering (ICSE 2005). IEEE Computer Society, Los Alamitos (2005)
Jürjens, J.: Understanding security goals provided by crypto-protocol implementations. In: 21st International Conference on Software Maintenance (ICSM 2005). IEEE Computer Society, Los Alamitos (2005)
Jürjens, J.: Verification of low-level crypto-protocol implementations using automated theorem proving. In: 3rd ACM & IEEE International Conference on Formal Methods and Models for Co-Design (MEMOCODE 2005). IEEE Computer Society, Los Alamitos (2005)
Moser, M., Ibens, O., Letz, R., Steinbach, J., Goller, C., Schumann, J., Mayr, K.: SETHEO and E-SETHEO – The CADE-13 Systems. Journal of Automated Reasoning (JAR) 18(2), 237–246 (1997)
Netbeans project. Open source (2003), Available from, http://mdr.netbeans.org
Sutcliffe, G., Suttner, C.: The TPTP problem library for automated theorem proving (2001), Available at, http://www.tptp.org
Stenz, G., Wolf, A.: E-SETHEO: An automated3 theorem prover. In: Dyckhoff, R. (ed.) TABLEAUX 2000. LNCS, vol. 1847, pp. 436–440. Springer, Heidelberg (2000)
UMLsec tool (2002-2004), Open-source, Accessible at, http://www.umlsec.org
UML Revision Task Force. OMG UML Specification v. 1.4. OMG Document ad/01-09-67 (September 2001), Available at, http://www.omg.org/uml
Watson, B.: The Real-time UML standard. In: Real-Time and Embedded Distributed Object Computing Workshop, OMG, July 15-18 (2002)
Object Management Group. OMG XML Metadata Interchange (XMI) Specification (January 2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Jürjens, J. (2005). Model-Based Security Engineering with UML. In: Aldini, A., Gorrieri, R., Martinelli, F. (eds) Foundations of Security Analysis and Design III. FOSAD FOSAD 2005 2004. Lecture Notes in Computer Science, vol 3655. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11554578_2
Download citation
DOI: https://doi.org/10.1007/11554578_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-28955-5
Online ISBN: 978-3-540-31936-8
eBook Packages: Computer ScienceComputer Science (R0)