Security Aspect Specification

In this chapter, we present the AOM profile proposed for the specification of security aspects on UML design models. The proposed profile covers the main UML diagrams that are used in software design, i.e., class diagrams, state machine diagrams, sequence diagrams, and activity diagrams. In addition, it covers most common AOP adaptations, i.e., adding new elements before, after, or around specific points, and removing existing elements. Moreover, we present a high-level and user-friendly pointcut language proposed to designate the locations where aspect adaptations should be injected into base models

Aspect-oriented security hardening of UML design models

© Springer International Publishing Switzerland 2015. This book comprehensively presents a novel approach to the systematic security hardening of software design models expressed in the standard UML language. It combines model-driven engineering and the aspect-oriented paradigm to integrate security practices into the early phases of the software development process. To this end, a UML profile has been developed for the specification of security hardening aspects on UML diagrams. In addition, a weaving framework, with the underlying theoretical foundations, has been designed for the systematic injection of security aspects into UML models. The work is organized as follows: chapter 1 presents an introduction to software security, model-driven engineering, UML and aspect-oriented technologies. Chapters 2 and 3 provide an overview of UML language and the main concepts of aspect-oriented modeling (AOM) respectively. Chapter 4 explores the area of model-driven architecture with a focus on model transformations. The main approaches that are adopted in the literature for security specification and hardening are presented in chapter 5. After these more general presentations, chapter 6 introduces the AOM profile for security aspects specification. Afterwards, chapter 7 details the design and the implementation of the security weaving framework, including several real-life case studies to illustrate its applicability. Chapter 8 elaborates an operational semantics for the matching/weaving processes in activity diagrams, while chapters 9 and 10 present a denotational semantics for aspect matching and weaving in executable models following a continuation-passing style. Finally, a summary and evaluation of the work presented are provided in chapter 11. The book will benefit researchers in academia and industry as well as students interested in learning about recent research advances in the field of software security engineering

Model-driven performance evaluation for service engineering

Service engineering and service-oriented architecture as an integration and platform technology is a recent approach to software systems integration. Software quality aspects such as performance are of central importance for the integration of heterogeneous, distributed service-based systems. Empirical performance evaluation is a process of measuring and calculating performance metrics of the implemented software. We present an approach for the empirical, model-based performance evaluation of services and service compositions in the context of model-driven service engineering. Temporal databases theory is utilised for the empirical performance evaluation of model-driven developed service systems

Automated Mapping of UML Activity Diagrams to Formal Specifications for Supporting Containment Checking

Business analysts and domain experts are often sketching the behaviors of a software system using high-level models that are technology- and platform-independent. The developers will refine and enrich these high-level models with technical details. As a consequence, the refined models can deviate from the original models over time, especially when the two kinds of models evolve independently. In this context, we focus on behavior models; that is, we aim to ensure that the refined, low-level behavior models conform to the corresponding high-level behavior models. Based on existing formal verification techniques, we propose containment checking as a means to assess whether the system's behaviors described by the low-level models satisfy what has been specified in the high-level counterparts. One of the major obstacles is how to lessen the burden of creating formal specifications of the behavior models as well as consistency constraints, which is a tedious and error-prone task when done manually. Our approach presented in this paper aims at alleviating the aforementioned challenges by considering the behavior models as verification inputs and devising automated mappings of behavior models onto formal properties and descriptions that can be directly used by model checkers. We discuss various challenges in our approach and show the applicability of our approach in illustrative scenarios.Comment: In Proceedings FESCA 2014, arXiv:1404.043

Semantic model-driven development of web service architectures.

Building service-based architectures has become a major area of interest since the advent of Web services. Modelling these architectures is a central activity. Model-driven development is a recent approach to developing software systems based on the idea of making models the central artefacts for design representation, analysis, and code generation. We propose an ontology-based engineering methodology for semantic model-driven composition and transformation of Web service architectures. Ontology technology as a logic-based knowledge representation and reasoning framework can provide answers to the needs of sharable and reusable semantic models and descriptions needed for service engineering. Based on modelling, composition and code generation techniques for service architectures, our approach provides a methodological framework for ontology-based semantic service architecture

A hybrid approach to workflow modelling

The increase in Business Process Management projects in the past decade has seen an increase in demand for business process modelling techniques. A rapidly growing aspect of BPM is the use of workflow management systems to automate routine and sequential processes. Workflows tend to move away from traditional definitions of business processes can often be forced to fit a model which does not suit its nature. Existing process modelling tools tend to be biased to either the informational, behavioural or object oriented aspect of the workflow. Because of this, models can often miss important aspects of a workflow. As well as managing the relationship between the types of model it is important to consider who will be using it as process models are useful in various ways. This paper reports on a case study in a manufacturing company where users were surveyed to see which are the notation that are most common in modelling based on two main categories (behavioural and informational). Research outcomes showed that there is no prevailing set of standards used for either of these categories, whilst most user feel the need to use more than one approach to model their system at any given time

Quality-aware model-driven service engineering

Service engineering and service-oriented architecture as an integration and platform technology is a recent approach to software systems integration. Quality aspects ranging from interoperability to maintainability to performance are of central importance for the integration of heterogeneous, distributed service-based systems. Architecture models can substantially influence quality attributes of the implemented software systems. Besides the benefits of explicit architectures on maintainability and reuse, architectural constraints such as styles, reference architectures and architectural patterns can influence observable software properties such as performance. Empirical performance evaluation is a process of measuring and evaluating the performance of implemented software. We present an approach for addressing the quality of services and service-based systems at the model-level in the context of model-driven service engineering. The focus on architecture-level models is a consequence of the black-box character of services

A graph-based aspect interference detection approach for UML-based aspect-oriented models

Aspect Oriented Modeling (AOM) techniques facilitate separate modeling of concerns and allow for a more flexible composition of these than traditional modeling technique. While this improves the understandability of each submodel, in order to reason about the behavior of the composed system and to detect conflicts among submodels, automated tool support is required. Current techniques for conflict detection among aspects generally have at least one of the following weaknesses. They require to manually model the abstract semantics for each system; or they derive the system semantics from code assuming one specific aspect-oriented language. Defining an extra semantics model for verification bears the risk of inconsistencies between the actual and the verified design; verifying only at implementation level hinders fixng errors in earlier phases. We propose a technique for fully automatic detection of conflicts between aspects at the model level; more specifically, our approach works on UML models with an extension for modeling pointcuts and advice. As back-end we use a graph-based model checker, for which we have defined an operational semantics of UML diagrams, pointcuts and advice. In order to simulate the system, we automatically derive a graph model from the diagrams. The result is another graph, which represents all possible program executions, and which can be verified against a declarative specification of invariants.\ud To demonstrate our approach, we discuss a UML-based AOM model of the "Crisis Management System" and a possible design and evolution scenario. The complexity of the system makes con°icts among composed aspects hard to detect: already in the case of two simulated aspects, the state space contains 623 di®erent states and 9 different execution paths. Nevertheless, in case the right pruning methods are used, the state-space only grows linearly with the number of aspects; therefore, the automatic analysis scales