Software design patterns are solutions for recurring design problems. Many have introduced their catalogues in order to describe those patterns using templates which consist of informal statements as well as UML diagrams. Security patterns are design patterns for specific security problems domains, therefore, they are described in the same manner. However, the current catalogues describing security patterns contain a level of ambiguity and imprecision. These issues might result in incorrect implementations, which will be vital and at high cost security flaw, especially after delivery. In addition, software maintainability will be difficult thereafter, especially for systems with poor documentation. Therefore, it is important to overcome these issues by patterns formalisation in order to allow sharing the same understanding of the patterns to be implemented.
The current patterns formalisation approaches aim to translate UML diagrams using different formal methods. However, these diagrams are incomplete or suffer from levels of ambiguity and imprecision. Furthermore, the employed diagrams notations cannot depict the abstraction shown in the patterns descriptions. In addition, the current formalisation approaches cannot formalise some security properties shown the diagrams, such as system boundary.
Furthermore, detecting patterns in a source-code improves the overall software maintenance, especially when obsolete or lost system documentation is often the case of large and legacy systems. Current patterns detection approaches rely on translating the diagrams of the patterns. Consequently, the issue of detecting patterns with abstraction is not possible using such approaches. In addition, these approaches lack generality, abstraction detection, and efficiency.
This research suggests the use of Codecharts for security patterns formalisation as well as studying relationships among patterns. Besides, it investigates relationships among patterns. Furthermore, it proposes a pattern detection approach which outperforms the current pattern detection approaches in terms of generality, and abstraction detection. The approach competes in performance with the current efficient pattern detection approaches
