Modeling of system quality attributes, including security, is often done with low-fidelity software models and disjointed architectural specifications produced by different engineers in their own specialized notations. These models are typically neither maintained nor documented throughout the life cycle, which makes it difficult to obtain a consistent system-wide view. By contrast, a single-source architecture model of the system, annotated with analysis-specific information, allows changes to the architecture to be reflected in the various analysis models with little effort. We describe how model-based development using the Architecture Analysis and Design Language (AADL) and compatible analysis tools provides a platform for multi-dimensional, multi-fidelity analysis and verification. Special emphasis is given to analysis approaches based on Bell-LaPadula (confidentiality), Biba (integrity), and MILS (partitioning) that let a system designer evaluate alternative architectural design options for confidentiality and data integrity before the system is realized.
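The kind of check the abstract describes can be illustrated on a toy component-and-connector model. The following is an added example, not code from the paper or from any AADL tool: it stands in for an architecture model with security annotations using plain Python structures (the component names, the four confidentiality labels, the three integrity labels and the `trusted` guard flag are all assumptions for illustration). It applies the Bell-LaPadula "no write down" rule and the Biba "no write up" rule to every connection, treats a MILS-style trusted guard as the only component allowed to bridge levels, and compares a baseline design against an alternative that inserts such a guard.

```python
"""Flow-level Bell-LaPadula / Biba check over a component-and-connector model.

Added illustration; the model below is constructed by hand and does not come
from the paper or from AADL. Labels and component names are assumptions.
"""
from dataclasses import dataclass
from typing import List, Tuple

# Ordered lattices: a higher index dominates a lower one (assumed labels).
CONF_LEVELS = ["UNCLASSIFIED", "CONFIDENTIAL", "SECRET", "TOP_SECRET"]
INTEG_LEVELS = ["LOW", "MEDIUM", "HIGH"]


@dataclass
class Component:
    name: str
    confidentiality: str
    integrity: str
    trusted: bool = False  # MILS-style guard/downgrader permitted to bridge levels


@dataclass
class Violation:
    policy: str
    src: str
    dst: str
    reason: str


def _rank(level: str, lattice: List[str]) -> int:
    if level not in lattice:
        raise ValueError(f"unknown level {level!r}; expected one of {lattice}")
    return lattice.index(level)


def check_flows(components: List[Component],
                connections: List[Tuple[str, str]]) -> List[Violation]:
    """Return every connection that violates BLP (confidentiality) or Biba (integrity).

    A connection (src, dst) is a directed data flow. Flows that start or end at a
    trusted guard are skipped: the guard is the design element that legitimately
    crosses levels, so it is reviewed separately rather than flagged here.
    """
    by_name = {c.name: c for c in components}
    violations: List[Violation] = []
    for src, dst in connections:
        s, d = by_name[src], by_name[dst]
        if s.trusted or d.trusted:
            continue
        # Bell-LaPadula: information may only flow to equal or higher confidentiality.
        if _rank(s.confidentiality, CONF_LEVELS) > _rank(d.confidentiality, CONF_LEVELS):
            violations.append(Violation(
                "Bell-LaPadula", src, dst,
                f"{s.confidentiality} data flows to a {d.confidentiality} component (write down)"))
        # Biba: information may only flow to equal or lower integrity.
        if _rank(s.integrity, INTEG_LEVELS) < _rank(d.integrity, INTEG_LEVELS):
            violations.append(Violation(
                "Biba", src, dst,
                f"{s.integrity}-integrity data flows into a {d.integrity}-integrity component (write up)"))
    return violations


def baseline_model():
    """Constructed design option 1: planner talks to the downlink directly."""
    components = [
        Component("sensor", "UNCLASSIFIED", "HIGH"),
        Component("mission_planner", "SECRET", "HIGH"),
        Component("downlink", "UNCLASSIFIED", "LOW"),
    ]
    connections = [
        ("sensor", "mission_planner"),      # up in confidentiality, same integrity: fine
        ("mission_planner", "downlink"),    # SECRET -> UNCLASSIFIED: BLP write down
        ("downlink", "mission_planner"),    # LOW -> HIGH integrity: Biba write up
    ]
    return components, connections


def guarded_model():
    """Constructed design option 2: a trusted guard partition mediates both directions."""
    components, _ = baseline_model()
    components.append(Component("guard", "SECRET", "HIGH", trusted=True))
    connections = [
        ("sensor", "mission_planner"),
        ("mission_planner", "guard"), ("guard", "downlink"),
        ("downlink", "guard"), ("guard", "mission_planner"),
    ]
    return components, connections


if __name__ == "__main__":
    for label, model in (("baseline", baseline_model()), ("guarded", guarded_model())):
        print(f"{label}:")
        for v in check_flows(*model):
            print(f"  {v.policy}: {v.src} -> {v.dst}: {v.reason}")
```

Running the script lists two violations for the baseline option (one Bell-LaPadula, one Biba) and none for the guarded option, which is the comparison of design alternatives the abstract is after; in a real AADL model the levels would be component properties and the connections would be taken from the model rather than typed in by hand.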