Jamal El Hachem, Z. Pang, Vanea Chiprianov, M. Babar, P. Aniorté
{"title":"系统的系统模型驱动软件安全体系结构","authors":"Jamal El Hachem, Z. Pang, Vanea Chiprianov, M. Babar, P. Aniorté","doi":"10.1109/APSEC.2016.023","DOIUrl":null,"url":null,"abstract":"Recently, there is a growing interest in Systems of Systems (SoS), their architecture, security and application domains. However, their specific characteristics such as the operational independence of SoS constituent systems (CS), the absence of central authority and their emergent behavior make the modeling of their structure, behavior and security a complex task. One of the current main security challenges in the context of SoS is the cascading attack problem. The challenge is to predict the concatenation/sequence of CS's vulnerabilities that could be triggered resulting in destructive cascading failures and take corrective actions to reduce the cost, development time and effect of later changes. In this paper, we propose a domain specific modeling language (DSML) to represent SoS security rchitecture. Having SoS security models will enable the discovery, analysis and resolution of cascading attacks, in the architecture phase, preventing development time and cost wastage. Following a Model Driven Engineering (MDE) approach, we generate a graphical editor for our DSML and use it to model a Smart Campus case study.","PeriodicalId":339123,"journal":{"name":"2016 23rd Asia-Pacific Software Engineering Conference (APSEC)","volume":"54 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"18","resultStr":"{\"title\":\"Model Driven Software Security Architecture of Systems-of-Systems\",\"authors\":\"Jamal El Hachem, Z. Pang, Vanea Chiprianov, M. Babar, P. Aniorté\",\"doi\":\"10.1109/APSEC.2016.023\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Recently, there is a growing interest in Systems of Systems (SoS), their architecture, security and application domains. However, their specific characteristics such as the operational independence of SoS constituent systems (CS), the absence of central authority and their emergent behavior make the modeling of their structure, behavior and security a complex task. One of the current main security challenges in the context of SoS is the cascading attack problem. The challenge is to predict the concatenation/sequence of CS's vulnerabilities that could be triggered resulting in destructive cascading failures and take corrective actions to reduce the cost, development time and effect of later changes. In this paper, we propose a domain specific modeling language (DSML) to represent SoS security rchitecture. Having SoS security models will enable the discovery, analysis and resolution of cascading attacks, in the architecture phase, preventing development time and cost wastage. Following a Model Driven Engineering (MDE) approach, we generate a graphical editor for our DSML and use it to model a Smart Campus case study.\",\"PeriodicalId\":339123,\"journal\":{\"name\":\"2016 23rd Asia-Pacific Software Engineering Conference (APSEC)\",\"volume\":\"54 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1900-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"18\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 23rd Asia-Pacific Software Engineering Conference (APSEC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/APSEC.2016.023\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 23rd Asia-Pacific Software Engineering Conference (APSEC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/APSEC.2016.023","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Model Driven Software Security Architecture of Systems-of-Systems
Recently, there is a growing interest in Systems of Systems (SoS), their architecture, security and application domains. However, their specific characteristics such as the operational independence of SoS constituent systems (CS), the absence of central authority and their emergent behavior make the modeling of their structure, behavior and security a complex task. One of the current main security challenges in the context of SoS is the cascading attack problem. The challenge is to predict the concatenation/sequence of CS's vulnerabilities that could be triggered resulting in destructive cascading failures and take corrective actions to reduce the cost, development time and effect of later changes. In this paper, we propose a domain specific modeling language (DSML) to represent SoS security rchitecture. Having SoS security models will enable the discovery, analysis and resolution of cascading attacks, in the architecture phase, preventing development time and cost wastage. Following a Model Driven Engineering (MDE) approach, we generate a graphical editor for our DSML and use it to model a Smart Campus case study.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
