An approach to model-based development of secure and reliable systems

Eduardo B. Fernandez, Hironori Washizaki, Nobukazu Yoshioka, Michael VanHilst

Research output: Chapter in Book/Report/Conference proceedingConference contribution

10 Citations (Scopus)

Abstract

A good way to obtain secure systems is to build applications in a systematic way where security is an integral part of the lifecycle. The same applies to reliability. If we want a system which is secure and reliable, both security and reliability must be built together. If we build not only applications but also middleware and operating systems in the same way, we can build systems that not only are inherently secure but also can withstand attacks from malicious applications and resist errors. In addition, all security and reliability constraints should be defined in the application level, where their semantics is understood and propagated to the lower levels. The lower levels provide the assurance that the constraints are being followed. In this approach all security constraints are defined at the conceptual or application level. The lower levels just enforce that there are no ways to bypass these constraints. By mapping to a highly secure platform, e.g., one using capabilities, we can produce a very secure system. Our approach is based on security patterns that are mapped through the architectural levels of the system. We make a case for this approach and we present here three aspects to further develop it. These aspects include a metamodel for security requirements, a mapping of models across architectural levels, and considerations about the degree of security of the system.

Original languageEnglish
Title of host publicationProceedings of the 2011 6th International Conference on Availability, Reliability and Security, ARES 2011
Pages260-265
Number of pages6
DOIs
Publication statusPublished - 2011 Nov 9
Event2011 6th International Conference on Availability, Reliability and Security, ARES 2011 - Vienna, Austria
Duration: 2011 Aug 222011 Aug 26

Publication series

NameProceedings of the 2011 6th International Conference on Availability, Reliability and Security, ARES 2011

Conference

Conference2011 6th International Conference on Availability, Reliability and Security, ARES 2011
CountryAustria
CityVienna
Period11/8/2211/8/26

    Fingerprint

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality

Cite this

Fernandez, E. B., Washizaki, H., Yoshioka, N., & VanHilst, M. (2011). An approach to model-based development of secure and reliable systems. In Proceedings of the 2011 6th International Conference on Availability, Reliability and Security, ARES 2011 (pp. 260-265). [6045948] (Proceedings of the 2011 6th International Conference on Availability, Reliability and Security, ARES 2011). https://doi.org/10.1109/ARES.2011.45