An Approach to Verifying Security and Timing Properties in UML Models

In this paper, we present an approach for verifying, within an integrated tool environment, whether a UML design model satisfies its domain-specific security and timing requirements. The approach builds on UML profiles, the standard mechanism for extending the UML metamodel. We chose the USE (UML-based Specification Environment) tool for verification because the additional functional and non-functional constraints on a UML model should be specified formally in OCL (Object Constraint Language), which USE can evaluate against a model. To treat security and timing properties together in one model, we combine two profiles with the UML metamodel: UMLsec for security and MARTE (UML Profile for Modeling and Analysis of Real-Time and Embedded Systems) for time. The combined metamodel is then translated into a USE specification so that USE can check models against it. Because USE has no notion of profiles, the combined metamodel appears in USE as one large class model, and the design models to be verified are therefore expressed as object models, i.e. instances of that class model (the extended metamodel). The stereotype constraints of both profiles become OCL invariants on the metamodel classes, and checking a design model amounts to evaluating those invariants on its object model. We illustrate the approach on the Positive Train Control (PTC) System, a distributed, interoperable, wireless-communications-based railroad control system.
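The following USE specification is an added illustration of the encoding described above; it is not the paper's metamodel or its PTC model. It shows the principle only: a small fragment of the UML metamodel (nodes, communication paths, components, dependencies) extended with two profile tags, one UMLsec-style ({secrecy} on a dependency, a link kind on a path) and one MARTE-style (a latency on a path, a deadline on a dependency), with the stereotype rules written as OCL invariants on the metamodel classes. The class and attribute names, the enumeration of link kinds, the latency and deadline attributes, and the PTC-flavoured object names are all assumptions made for the example. The first invariant approximates the UMLsec «secure links» rule under the default adversary (a {secrecy} dependency may not cross an unprotected Internet link); the second is a simple end-to-end deadline check. The commented SOIL commands at the end build a design model as an object model so that USE's `check` evaluates the invariants on it.

```ocl
-- Added example, not from the paper: a toy metamodel fragment extended with
-- UMLsec-like and MARTE-like tags, encoded as a USE class model.
model ProfileFragmentExample

-- Assumed UMLsec-style classification of a communication path
enum LinkKind { Internet, encrypted, LAN, wire }

class Node
attributes
  name : String
end

class CommunicationPath
attributes
  name : String
  kind : LinkKind        -- UMLsec-style link stereotype (assumed name)
  latencyMs : Integer    -- MARTE-style timing annotation (assumed name)
end

class Component
attributes
  name : String
end

class Dependency
attributes
  name : String
  secrecy : Boolean      -- UMLsec {secrecy} tag
  deadlineMs : Integer   -- MARTE-style deadline (assumed name)
end

-- Each path joins exactly two nodes; a node may have many paths
association Connects between
  Node[2] role ends
  CommunicationPath[*] role links
end

-- Deployment: every component lives on exactly one node
association Deploys between
  Node[1] role host
  Component[*] role components
end

association DepClient between
  Dependency[*] role clientDeps
  Component[1] role client
end

association DepSupplier between
  Dependency[*] role supplierDeps
  Component[1] role supplier
end

constraints

context Dependency
  -- UMLsec <<secure links>>, default adversary: a {secrecy} dependency
  -- between components on different nodes must not travel over an
  -- Internet link; same-node calls need no link at all.
  inv SecrecyNotOverInternet:
    (self.secrecy and self.client.host <> self.supplier.host) implies
      self.client.host.links
        ->select(p | p.ends->includes(self.supplier.host))
        ->forAll(p | p.kind <> LinkKind::Internet)

context Dependency
  -- MARTE-style timing: every path that could carry the dependency
  -- must fit within its deadline.
  inv DeadlineMet:
    self.client.host <> self.supplier.host implies
      self.client.host.links
        ->select(p | p.ends->includes(self.supplier.host))
        ->forAll(p | p.latencyMs <= self.deadlineMs)

-- Design model as an object model (SOIL commands; type them at the
-- use> prompt after loading this file). Constructed PTC-flavoured data:
--   !new Node('onboard')
--   !new Node('wayside')
--   !new CommunicationPath('radio')
--   !radio.kind := LinkKind::Internet
--   !radio.latencyMs := 800
--   !insert (onboard, radio) into Connects
--   !insert (wayside, radio) into Connects
--   !new Component('TrainMgmt')
--   !new Component('MovementAuthority')
--   !insert (onboard, TrainMgmt) into Deploys
--   !insert (wayside, MovementAuthority) into Deploys
--   !new Dependency('getAuthority')
--   !getAuthority.secrecy := true
--   !getAuthority.deadlineMs := 500
--   !insert (getAuthority, TrainMgmt) into DepClient
--   !insert (getAuthority, MovementAuthority) into DepSupplier
--   check          -- both invariants fail for this object model
--   !radio.kind := LinkKind::encrypted
--   !radio.latencyMs := 200
--   check          -- both invariants now hold
```

The point of the encoding is that nothing in the design model is a UML class or stereotype from USE's perspective: `onboard`, `radio` and `getAuthority` are instances of the metamodel classes, and the profile rules live entirely in the OCL invariants, which is why a tool without profile support can still check them.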
