{"title":"A Language-Based Multi-View Approach for Combining Functional and Security Models","authors":"Hui Zhao, F. Mallet, L. Apvrille","doi":"10.1109/APSEC48747.2019.00064","DOIUrl":null,"url":null,"abstract":"The design flaws and attacks on Cyber-Physical Systems (CPSs) can lead to severe consequences. Thus, security and safety (S&S) issues should be taken into account with functional design as early as possible during the developing process. However, it's rare to see \"one-size-fits-all\" modeling language and/or design tool. One way to solve this issue is to integrate different nature models into one model system, but this requires a unified semantic among modeling languages. We explore a model-based approach for systems engineering that facilitates the composition of several heterogeneous artifacts (called views) into a sound and consistent system model. Rather than trying to extend either SysML or SysML-sec into more expressive languages to add the missing features, we extract proper subsets of both languages to build a view adequate for conducting a security and safety analysis of Capella (SysML-based) functional models. Our language is generic enough to extract proper subsets of languages and combine them to build views for different experts. 
Moreover, it maintains a global consistency between the different views.","PeriodicalId":325642,"journal":{"name":"2019 26th Asia-Pacific Software Engineering Conference (APSEC)","volume":"6 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 26th Asia-Pacific Software Engineering Conference (APSEC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/APSEC48747.2019.00064","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 0
Abstract
Design flaws in, and attacks on, Cyber-Physical Systems (CPSs) can lead to severe consequences. Thus, security and safety (S&S) issues should be taken into account alongside functional design as early as possible in the development process. However, a "one-size-fits-all" modeling language or design tool is rare. One way to address this is to integrate models of different natures into one system model, but this requires unified semantics across the modeling languages. We explore a model-based approach for systems engineering that facilitates the composition of several heterogeneous artifacts (called views) into a sound and consistent system model. Rather than trying to extend either SysML or SysML-sec into a more expressive language to add the missing features, we extract proper subsets of both languages to build a view adequate for conducting a security and safety analysis of Capella (SysML-based) functional models. Our language is generic enough to extract proper subsets of languages and combine them to build views for different experts. Moreover, it maintains global consistency between the different views.