Aus SDQ-Wiki
Zur Navigation springen Zur Suche springen
Datum 2020/06/24 11:30:00 – 2020/06/24 12:30:00
Ort https://global.gotomeeting.com/join/121469005
Vortragende(r) Emre Taşpolatoğlu
Forschungsgruppe QSE
Titel Reusable Formal Models for Secure Software Architectures
Autoren Thomas Heyman, Riccardo Scandariato, Wouter Joosen
PDF https://ieeexplore.ieee.org/document/6337760
URL https://ieeexplore.ieee.org/document/6337760
BibTeX https://www.researchgate.net/publication/261127603 Reusable Formal Models for Secure Software Architectures/citation/download
Abstract Formal modelling techniques are often disregarded as their semantics are too distant from the mainstream practice of software architecture design, which is dominated by the use of component based modelling and patterns. This paper advocates the need for formal modelling techniques for humans, i.e., software architects who need to precisely ascertain the security properties of their design models. We contribute a technique that enables architects to more easily construct verified, secure architecture designs by assembling already verified security pattern models. Our approach is illustrated with a pattern language for accountability. It is validated by an observational study that shows that the approach produces reusable results, and is able to uncover relevant architectural security flaws.