Performance analysis of security aspects by weaving scenarios extracted from UML models

Aspect-oriented modeling (AOM) allows software designers to describe features that address pervasive concerns separately as aspects, and to systematically incorporate the features into a design model using model composition techniques. The goal of this paper is to analyze the performance effects of different security features that may be represented as aspect models. This is part of a larger research effort to integrate methodologies and tools for the analysis of security and performance properties early in the software development process. In this paper, we describe an extension to the AOM approach that provides support for performance analysis. We use the performance analysis techniques developed previously in the PUMA project, which take as input UML models annotated with the standard UML Profile for Schedulability, Performance and Time (SPT), and transform them first into Core Scenario Model (CSM), and then into different performance models. The composition of the aspects with the primary (base) model is performed at the CSM level. A new formal definition of CSM properties and operations is described as a foundation for scenario-based weaving. The proposed approach is illustrated with an example that utilizes two standards, TPC-W and SSL.

[1]  C. Murray Woodside,et al.  Software performance models from system scenarios , 2005, Perform. Evaluation.

[2]  Paola Inverardi,et al.  Model-based performance prediction in software development: a survey , 2004, IEEE Transactions on Software Engineering.

[3]  Jan Jürjens Sound methods and effective tools for model-based security engineering with UML , 2005, ICSE '05.

[4]  Dorina C. Petriu,et al.  Performance analysis of UML models using aspect-oriented modeling techniques , 2005, MoDELS'05.

[5]  Jean-Philippe Babau,et al.  From MDD Concepts to Experiments and Illustrations , 2007 .

[6]  Jacques Klein,et al.  Weaving Multiple Aspects in Sequence Diagrams , 2007, LNCS Trans. Aspect Oriented Softw. Dev..

[7]  Daniel A. Menascé Security Performance , 2003, IEEE Internet Comput..

[8]  Siv Hilde Houmb,et al.  Decision Support for Choice of Security Solution: The Aspect-Oriented Risk Driven Development (AORDD)Framework , 2007 .

[9]  C. Murray Woodside,et al.  An intermediate metamodel with scenarios and resources for generating performance models from UML designs , 2007, Software & Systems Modeling.

[10]  Nape rvile Using Aspects to Abstract and Modularize Statecharts , 2004 .

[11]  Lirong Dai,et al.  Modeling and performance analysis for security aspects , 2006, Sci. Comput. Program..

[12]  Luciano Lavagno,et al.  UML for Real , 2003, Springer US.

[13]  Jing Xu,et al.  Performance analysis of security aspects in UML models , 2007, WOSP '07.

[14]  Connie U. Smith,et al.  Performance Engineering of Software Systems , 1990, SIGMETRICS Perform. Evaluation Rev..

[15]  Robert B. France,et al.  Model Composition Directives , 2004, UML.

[16]  C. Murray Woodside,et al.  A Metamodel for Generating Performance Models from UML Designs , 2004, UML.

[17]  Jan Jürjens,et al.  Secure systems development with UML , 2004 .

[18]  Debanjan Saha,et al.  Transport layer security: how much does it really cost? , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[19]  José Merseguer,et al.  Performance by unified model analysis (PUMA) , 2005, WOSP '05.

[20]  Robert B. France,et al.  Directives for Composing Aspect-Oriented Design Class Models , 2006, LNCS Trans. Aspect Oriented Softw. Dev..

[21]  James H. Andrews,et al.  Process-Algebraic Foundations of Aspect-Oriented Programming , 2001, Reflection.

[22]  C. Murray Woodside,et al.  Performance analysis of distributed server systems , 2000 .

[23]  C. Murray Woodside,et al.  Software Resource Architecture , 2001, Int. J. Softw. Eng. Knowl. Eng..

[24]  I. Ray,et al.  An Aspect-Oriented Approach to Early Design Modeling , 2004 .

[25]  Jean-Marc Jézéquel,et al.  A toolkit for weaving aspect oriented UML designs , 2002, AOSD '02.

[26]  Dorina C. Petriu,et al.  Performance analysis of aspect-oriented UML models , 2007, Software & Systems Modeling.

[27]  Dorina C. Petriu,et al.  Performance Analysis with UML , 2003, UML for Real.

[28]  Haralambos Mouratidis,et al.  Integrating Security and Software Engineering: Advances and Future Visions , 2006 .

[29]  João Paulo Barros,et al.  Towards the Support for Crosscutting Concerns in Activity Diagrams: a Graphical Approach , 2003 .