Title :
Security-critical system development with extended use cases
Author :
Popp, G. ; Jürjens, J. ; Wimmel, G. ; Breu, R.
Author_Institution :
Inst. fur Inf., Technische Univ. Munchen, Garching, Germany
Abstract :
Due to increasing interconnection, IT systems are confronted with more and more attacks. To address this problem, we have to consider security requirements from the beginning of the system development. In early phases of system development, it is common to use a hybrid system view which is based on an object oriented modeling of the application core and the specification of use cases. We present an extension of this process for security-critical systems. We show a methodical approach for the development of security-critical systems and the modeling of security aspects in the application core with an extension of the Unified Modeling Language for secure systems development, UMLsec. Furthermore, we introduce security use cases for the development of security aspects in conjunction with behavioral modeling.
Keywords :
object-oriented methods; security of data; software engineering; specification languages; UMLsec; Unified Modeling Language; application core; behavioral modeling; hybrid system view; object oriented modeling; security requirement; security-critical system development; Books; Computer aided software engineering; Context modeling; Contracts; Data security; LAN interconnection; Object oriented modeling; Programming; Software engineering; Unified modeling language;
Conference_Titel :
Software Engineering Conference, 2003. Tenth Asia-Pacific
Print_ISBN :
0-7695-2011-1
DOI :
10.1109/APSEC.2003.1254403
