Tools for Traceable Security Verification

Dependable systems evolution has been identified by the UK Computing Research Committee (UKCRC) as one of the current grand challenges for computer science. We present work towards addressing this challenge which focuses on one facet of dependability, namely data security: we give an overview of an approach for model-based security verification which provides a traceability link to the implementation. The approach uses a design model in the UML security extension UMLsec, which can be formally verified against high-level security requirements such as secrecy and authenticity. An implementation of the specification can then be verified against the model by making use of run-time verification through the traceability link. The approach supports software evolution in so far as the traceability mapping is updated when refactoring operations are regressively performed using our tool-supported refactoring technique. The proposed method has been applied to an implementation of the Internet security protocol SSL.