Towards the Model-Driven Engineering of Secure yet Safe Embedded Systems

Ludovic Apvrille
(Institut Mines-Telecom, Telecom ParisTech, CNRS LTCI)
Yves Roudier
(EURECOM)

We introduce SysML-Sec, a SysML-based Model-Driven Engineering environment aimed at fostering the collaboration between system designers and security experts at all methodological stages of the development of an embedded system. A central issue in the design of an embedded system is the definition of the hardware/software partitioning of the architecture of the system, which should take place as early as possible. SysML-Sec aims to extend the relevance of this analysis through the integration of security requirements and threats. In particular, we propose an agile methodology whose aim is to assess early on the impact of the security requirements and of the security mechanisms designed to satisfy them over the safety of the system. Security concerns are captured in a component-centric manner through existing SysML diagrams with only minimal extensions. After the requirements captured are derived into security and cryptographic mechanisms, security properties can be formally verified over this design. To perform the latter, model transformation techniques are implemented in the SysML-Sec toolchain in order to derive a ProVerif specification from the SysML models. An automotive firmware flashing procedure serves as a guiding example throughout our presentation.

In Barbara Kordy, Sjouke Mauw and Wolter Pieters: Proceedings First International Workshop on Graphical Models for Security (GraMSec 2014), Grenoble, France, April 12, 2014, Electronic Proceedings in Theoretical Computer Science 148, pp. 15–30.
Published: 6th April 2014.

ArXived at: http://dx.doi.org/10.4204/EPTCS.148.2 bibtex PDF
References in reconstructed bibtex, XML and HTML format (approximated).
Comments and questions to: eptcs@eptcs.org
For website issues: webmaster@eptcs.org