Title :
Generating formal specifications for security-critical applications - A model-driven approach
Author :
Moebius, Nina ; Stenzel, Kurt ; Reif, Wolfgang
Author_Institution :
Dept. of Software Eng. & Programming Languages, Univ. Augsburg, Augsburg
Abstract :
The SecureMDD approach aims to generate both, a formal specification for verification and executable code, from UML diagrams. The UML models define the static as well as dynamic components of the system under development. This model-driven approach is focused on security-critical applications that are based on cryptographic protocols, especially Java Card applications. In this paper we describe the generation of the formal specification from the UML model which is then used as input for our interactive verification system KIV. The formal specification is based on abstract state machines and algebraic specifications. It allows to formulate and to prove application-specific security properties.
Keywords :
Java; Unified Modeling Language; algebraic specification; cryptographic protocols; object-oriented programming; program compilers; program verification; Java Card application; KIV interactive verification system; SecureMDD approach; UML diagram; abstract state machine; algebraic specification; code verification; cryptographic protocol; formal specification; model-driven approach; security-critical application; unified modeling language; Application software; Computer languages; Computer science; Cryptographic protocols; Formal specifications; Java; Object oriented modeling; Security; Software engineering; Unified modeling language;
Conference_Titel :
Software Engineering for Secure Systems, 2009. SESS '09. ICSE Workshop on
Conference_Location :
Vancouver, BC
Print_ISBN :
978-1-4244-3725-2
DOI :
10.1109/IWSESS.2009.5068461
