论文信息 - Debugging support for security properties of software architectures

Debugging support for security properties of software architectures

Determining whether a software architecture meets its security requirements is an early step in assuring the security of the products developed from the architecture. In this paper, we propose a tool-based technique using an authorization scheme to analyze the security of software architectures. Such technique will serve as debugging support for software architectures to identify the portion in the software architecture that fails to meet the required level. Security is analyzed in terms of its aggregate attributes: availability, confidentiality, and integrity. In this paper, we address confidentiality and show that integrity is measured in a complementary manner to confidentiality. A scenario based approach is taken to analyze security in a software architecture. Our work is implemented in the OSATE environment and analyzes software architectures modeled using AADL (Architecture Analysis and Design Language).

John D. McGregor | Kyungsoo Im | J. McGregor | Kyungsoo Im

[1] Laurent Nana,et al. Scheduling and memory requirements analysis with AADL , 2005, SIGAda.

[2] Carrie Gates,et al. Defining the insider threat , 2008, CSIIRW '08.

[3] Laurent Pautet,et al. From the prototype to the final embedded system using the Ocarina AADL tool suite , 2008, TECS.

[4] John D. McGregor,et al. Toward a Reasoning Framework for Dependability , 2008 .

[5] Paul Pettersson,et al. ABV - A Verifier for the Architecture Analysis and Design Language (AADL) , 2011, 2011 16th IEEE International Conference on Engineering of Complex Computer Systems.

[6] Paul Clements,et al. Software architecture in practice , 1999, SEI series in software engineering.

[7] Lars Grunske. Transformational patterns for the improvement of safety properties in architectural specification , 2003 .

[8] Steve McConnell,et al. Code complete - a practical handbook of software construction, 2nd Edition , 1993 .