Formalization of design patterns for security anddependability

Abstract

In critical systems, failures or attacks based on software misconceptions can have catastrophic consequences. In order to avoid those situations, such systems need security and dependability (S&D) constraints. Usually S&D design patterns shape S&D mechanisms. Security and dependability experts identify S&D mechanisms to reach S&D objectives and manually apply them to the system architecture. Our contribution consists in studying S&D design patterns application. We formalize these S&D design patterns as model transformations, preconditions and postconditions to automate their integration. Finally, we illustrate this process with a Software Defined Radio case study to which we apply the red/black (R/B) architecture security design pattern.