Multi-layered Model-based Design Approach towards System Safety and Security Co-engineering

Quamara, Megha; Pedroza, Gabriel; Hamid, Brahim

doi:10.1109/models-c53483.2021.00048

Cited by 11 publications

(4 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In order to satisfy requirement R1, it is necessary to propose a modeling approach for the design of smart city systems. Quamara et al propose the state-of-the-art multilayered model-based security design approach for systems [61]. In their approach, a three-layer design model that consists of mission layer, function layer and architecture layer is proposed, which can consistently decompose high-level mission-centric system specifications into detailed and specific system architecture.…”

Section: (A) Uml Modelingmentioning

confidence: 99%

“…In their approach, a three-layer design model that consists of mission layer, function layer and architecture layer is proposed, which can consistently decompose high-level mission-centric system specifications into detailed and specific system architecture. Based on the three-layer design model [61] proposed by Quamara et al, this paper proposes a four-layer model for KPIguided security design of smart city systems. The proposed model consists of mission layer, function layer, architecture layer and security layer.…”

Section: (A) Uml Modelingmentioning

confidence: 99%

See 1 more Smart Citation

SCKPISec: A KPI-Guided Model-Based Approach to Realize Security by Design for Smart City Systems

Zhuang

Qiao

2023

Sustainability

View full text Add to dashboard Cite

This paper focuses on security by design for smart city systems. Insecure smart city systems may cause serious losses to the social, environmental and economic development of smart cities. Therefore, it is essential to ensure security by design for smart city systems. For large-scale, hyper-connected smart city systems consisting of a large number of interconnected devices of different types, analyzing the impact of security threats on the whole system as well as the various aspects of smart cities at the early design stage of the system is an important and difficult problem that remains unsolved. To address this problem, this paper proposes a KPI-guided model-based approach and accompanying prototype tool, named SCKPISec (Smart City KPI-guided Security). By applying the techniques of UML modeling, formal modeling and verification, and KPIs evaluation, SCKPISec provides an effective way to realize KPI-guided security by design for smart city systems. We evaluated SCKPISec through case studies. The results show that SCKPISec can efficiently detect the potential problems of smart city systems under security threats and has high feasibility and applicability in ensuring KPI-guided security by design for smart city systems. Compared with existing model-based security approaches, the advantage of SCKPISec is that it has a highly automated verification process and provides an effective and efficient solution to evaluate the potential KPI losses of smart cities under security threats at the early design stage of smart city systems.

show abstract

Section: (A) Uml Modelingmentioning

confidence: 99%

Section: (A) Uml Modelingmentioning

confidence: 99%

SCKPISec: A KPI-Guided Model-Based Approach to Realize Security by Design for Smart City Systems

Zhuang

Qiao

2023

Sustainability

View full text Add to dashboard Cite

show abstract

“…Quamara et al proposed in 2021 a modeling framework for security requirements [14] that has three layers: a mission layer that is used for capturing what is needed to be achieved by the system; a functional layer that is used for capturing how to achieve what is needed to be achieved by the system; and an architectural layer that is used for capturing which elements can finally realize the "what" and "how". In such a way formalization of both model and security properties is achieved.…”

Section: Benefits and Limitations Of Specification Approachesmentioning

confidence: 99%

Security Requirements Specification and Tracing within Topological Functioning Model

Nazaruka¹

2022

J. Complex Syst. Inform. Model. Q.

View full text Add to dashboard Cite

Specification and traceability of security requirements is still a challenge since modeling and analysis of security aspects of systems require additional efforts at the very beginning of software development. The topological functioning model is a formal mathematical model that can be used as a reference model for functional and non-functional requirements of the system. It can also serve as a reference model for security requirements. The purpose of this study is to determine the approach to how security requirements can be specified and traced using the topological functioning model. This article demonstrates the suggested approach and explains its potential benefits and limitations.

show abstract

“…To address the problematics above (P1-P4), we propose a joint design and analysis approach for safety and security coengineering in the context of a multi-layered system modeling, similar to [7], with the aim to make the complexity of engineered systems potentially addressable. The initial formulation of the approach presented in this paper has been previously published in [8]. Indeed, this work extends those ideas for a three-layered mission-functional-component system representation, mainly focusing on (1) the modeling aspects for system design, (2) the formal analysis of safety and security properties, and (3) the implementation of a tool-chain support prototype.…”

Section: Introductionmentioning

confidence: 99%

Facilitating Safety and Security Co-design and Formal Analysis in Multi-layered System Modeling

Quamara

Pedroza

Hamid

2022

2022 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf

Self Cite

View full text Add to dashboard Cite

The engineering process of systems deployed in critical domains (e.g., automotive) advocates for early-stage integrated analysis of safety and security concerns, given their mutual influence. Specifically, in the design phase, safety and security requirements undergo a transition to the system architectural design across different granular and conceptual representations. However, such an enrichment process is often complex and lacks preliminary guidance to consistently break down high-level system specifications and requirements into intricate architecture and deployment. In particular, engineers require further support to interpret diverse system, safety, and security expertise and facilitate the consistent passage of knowledge pertaining to these disciplines for automated analysis. To this end, we propose an approach to facilitate the joint design and formal analysis of system safety and security concerns. Notably, the approach aims for a three-layered system modeling, integrating mission, functional and component views, and also, reusable libraries of pre-defined safety and security properties, specialize-able across them. We couple the Model-Driven Engineering (MDE) paradigm and Formal Methods (FM) for the hierarchical-precise modeling, formal interpretation, and verification of model views w.r.t. the desired properties. The accompanying tool-chain support for approach instantiation builds upon Papyrus as a modeling framework and Rodin as a formal-based tool for verification. The proposed approach is illustrated via a Connected-Driving Vehicles (CDVs) use case.

show abstract

Multi-layered Model-based Design Approach towards System Safety and Security Co-engineering

Cited by 11 publications

References 28 publications

SCKPISec: A KPI-Guided Model-Based Approach to Realize Security by Design for Smart City Systems

SCKPISec: A KPI-Guided Model-Based Approach to Realize Security by Design for Smart City Systems

Security Requirements Specification and Tracing within Topological Functioning Model

Facilitating Safety and Security Co-design and Formal Analysis in Multi-layered System Modeling

Contact Info

Product

Resources

About