Supporting pattern-based dependability engineering via model-driven development: Approach, tool-support and empirical validation

Hamid, Brahim; Pérez, Jon

doi:10.1016/j.jss.2016.09.027

Cited by 15 publications

(14 citation statements)

References 47 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Unlike security requirement repositories, model-driven repositories focus on the whole project lifecycle components. In another work, Hamid and Perez [22] provided a repository model to reuse the features (techniques, measures, etc.) related to domain standards specific to the engineering of embedded systems with safety requirements.…”

Section: Uml Basedmentioning

confidence: 99%

Reusable Security Requirements Repository Implementation Based on Application/System Components

Sönmez

Günel

2021

IEEE Access

View full text Add to dashboard Cite

Forming high quality requirements has a direct impact on project success. Gathering security requirements could be challenging, since it demands a multidisciplinary approach and security expertise. Security requirements repository enables an effective alternative for addressing this challenge. The main objective of this paper is to present the design of a practical repository model for reusable security requirements, which is easy to use and understand for even non-security experts. The paper also portrays an approach and a software tool for using this model to determine subtle security requirements for improved coverage. Proposed repository consists of attributes determined by examining common security problems covered in state-of-the-art publications. A test repository was prepared using specification files and Common Criteria documents. The outcomes of applying the proposed model were compared with the sample requirement sets included in the state-of-the-art publications. The results reveal that in the absence of a security requirements repository, key security points can be missed. Repository improves the completeness of the security terms with reasonable effort.

show abstract

Section: Uml Basedmentioning

confidence: 99%

Reusable Security Requirements Repository Implementation Based on Application/System Components

Sönmez

Günel

2021

IEEE Access

View full text Add to dashboard Cite

show abstract

“…Koch et al extended UML-based Web Engineering (UWE) to integrate patterns for Rich Internet Applications (RIAs), such as "auto-completion" or "periodic refresh" [20]; Fraternali et al extended a web engineering methodology to represent the features of RIAs by allocating specific functionality in the appropriate tier and specifying suitable design patterns for dealing with the interaction between the tiers [12]. A pattern-based model-driven approach for safety-critical systems was proposed in [14], to model dependability patterns and enable their reuse across domains. Zdun et al created an intermediate abstraction level consisting of pattern primitives, which can be used as building blocks for actual patterns applicable to the model-driven development of SOA processes [37].…”

Section: Related Workmentioning

confidence: 99%

Model Driven Development of Gamified Applications

Fraternali

Gonzalez

2019

JWE

View full text Add to dashboard Cite

Gamification is defined as the injection of game elements in applications with non-gaming purposes. This technique has shown outstanding results in promoting the engagement and activity on communities of users, in both business and non-for-profits fields. Often, gamification features are added late in the application life-cycle and must be weaved into the existing functions. In this paper, we present a model-driven approach to the design of gamified applications, which accelerates the introduction of gamification elements in pre-existing or new applications. The approach relies on a data model of gamification features and on design patterns for the front-end, which encode the essential elements of gamification in a platform independent way.

show abstract

“…However, our vision is not limited to engineering secure systems. We have also designed secure architectures for SIL4 safety-critical embedded systems for railway signaling (ERTMS/ETCS) ( Hamid and Perez, 2016 ).…”

Section: Information Disclosure Confidentialitymentioning

confidence: 99%

Engineering secure systems: Models, patterns and empirical validation

Hamid

Weber

2018

Computers & Security

Self Cite

View full text Add to dashboard Cite

Several development approaches have been proposed to handle the growing complexity of software system design. The most popular methods use models as the main artifacts to construct and maintain. The desired role of such models is to facilitate, systematize and standardize the construction of software-based systems. In our work, we propose a model-driven engineering (MDE) methodological approach associated with a pattern-based approach to support the development of secure software systems. We address the idea of using patterns to describe solutions for security as recurring security problems in specific design contexts and present a well-proven generic scheme for their solutions. The proposed approach is based on metamodeling and model transformation techniques to define patterns at different levels of abstraction and generate different representations according to the target domain concerns, respectively. Moreover, we describe an operational architecture for development tools to support the approach. Finally, an empirical evaluation of the proposed approach is presented through a practical application to a use case in the metrology domain with strong security requirements, which is followed by a description of a survey performed among domain experts to better understand their perceptions regarding our approach.

show abstract

Supporting pattern-based dependability engineering via model-driven development: Approach, tool-support and empirical validation

Cited by 15 publications

References 47 publications

Reusable Security Requirements Repository Implementation Based on Application/System Components

Reusable Security Requirements Repository Implementation Based on Application/System Components

Model Driven Development of Gamified Applications

Engineering secure systems: Models, patterns and empirical validation

Contact Info

Product

Resources

About