Vanea Chiprianov scite author profile

Kermarrec

et al. 2012

Abstract. Telecommunication services are widespread and subject today to tensions on a competitive market. Telecommunication service design is more and more software oriented. To reduce time to market and cost of services, a service designer better need to simulate and evaluate his design earlier. The approach proposed in this paper is to reduce the abstraction gap between modeling and simulation phases using model transformation. But manual transformations are so far time consuming and error prone. As a trustworthy solution, model based techniques and associated transformations permit to systematically link service models with simulation phase before realization. We thus propose as a first contribution a meta-model dedicated to concepts of IP Multimedia Subsystem core network as a case study. Our meta-model constrains and defines such network entities to be used in the code generation, which is our second contribution. The implementation of a video conference service permits to illustrate our workbench.

A Review of Security Requirements Engineering Methods with Respect to Risk Analysis and Model-Driven Engineering

Muñante

Gallon

et al. 2014

Part 1: Cross-Domain Conference and Workshop on Multidisciplinary Research and Practice for Information Systems (CD-ARES 2014): Software SecurityInternational audienceOne of the most important aspects that help improve the quality and cost of secure information systems in their early stages of the development lifecycle is Security Requirements Engineering (SRE). However, obtaining such requirements is non-trivial. One domain dealing also with eliciting security requirements is Risk Analysis (RA). Therefore, we perform a review of SRE methods in order to analyse which ones are compatible with RA processes. Moreover, the transition from these early security requirements to security policies at later stages in the lifecycle is generally non-automatic, informal and incomplete. To deal with such issues, model-driven engineering (MDE) uses formal models and automatic model transformations. Therefore, we also review which SRE methods are compatible with MDE approaches. Consequently, our review is based on criteria derived partially from existing survey works, further enriched and specialized in order to evaluate the compatibility of SRE methods with the disciplines of RA and MDE. It summarizes the evidence regarding this issue so as to improve understanding and facilitate evaluating and selecting SRE methods

Towards modelling and analysing non-functional properties of systems of systems

Falkner

Gallon

et al. 2014

HAL is a multidisciplinary open access archive for the deposit and dissemination of scientific research documents, whether they are published or not. The documents may come from teaching and research institutions in France or abroad, or from public or private research centers. L'archive ouverte pluridisciplinaire HAL, est destinée au dépôt et à la diffusion de documents scientifiques de niveau recherche, publiés ou non, émanant des établissements d'enseignement et de recherche français ou étrangers, des laboratoires publics ou privés.

Model Driven Software Security Architecture of Systems-of-Systems

Hachem

Pang

et al. 2016

Recently, there is a growing interest in Systems of Systems (SoS), their architecture, security and application domains. However, their specific characteristics such as the operational independence of SoS constituent systems (CS), the absence of central authority and their emergent behavior make the modeling of their structure, behavior and security a complex task. One of the current main security challenges in the context of SoS is the cascading attack problem. The challenge is to predict the concatenation/sequence of CS's vulnerabilities that could be triggered resulting in destructive cascading failures and take corrective actions to reduce the cost, development time and effect of later changes. In this paper, we propose a domain specific modeling language (DSML) to represent SoS security architecture. Having SoS security models will enable the discovery, analysis and resolution of cascading attacks, in the architecture phase, preventing development time and cost wastage. Following a Model Driven Engineering (MDE) approach, we generate a graphical editor for our DSML and use it to model a Smart Campus case study.