Secure Data-Flow Compliance Checks between Models and Code Based on Automated Mappings

Sven Matthias Peldszus; Katja Tuma; Daniel Strüber; Jan Jürjens; Riccardo Scandariato

doi:10.1109/models.2019.00-18

Secure Data-Flow Compliance Checks between Models and Code Based on Automated Mappings

Sven Matthias Peldszus
, Katja Tuma
, Daniel Strüber
, Jan Jürjens
, Riccardo Scandariato

Research output: Conference Article in Proceeding or Book/Report chapter › Article in proceedings › Research › peer-review

Abstract

During the development of security-critical software, the system implementation must capture the security properties postulated by the architectural design. This paper presents an approach to support secure data-flow compliance checks between design models and code. To iteratively guide the developer in discovering such compliance violations we introduce automated mappings. These mappings are created by searching for correspondences between a design-level model (Security Data Flow Diagram) and an implementation-level model (Program Model). We limit the search space by considering name similarities between model elements and code elements as well as by the use of heuristic rules for matching data-flow structures. The main contributions of this paper are three-fold. First, the automated mappings support the designer in an early discovery of implementation absence, convergence, and divergence with respect to the planned software design. Second, the mappings also support the discovery of secure data-flow compliance violations in terms of illegal asset flows in the software implementation. Third, we present our implementation of the approach as a publicly available Eclipse plugin and its evaluation on five open source Java projects (including Eclipse secure storage).

Original language	English
Title of host publication	2019 ACM/IEEE 22nd International Conference on Model Driven Engineering Languages and Systems (MODELS)
Publication date	Sept 2019
Pages	23-33
ISBN (Print)	9781728125367
DOIs	https://doi.org/10.1109/models.2019.00-18
Publication status	Published - Sept 2019
Externally published	Yes
Event	International Conference on Model Driven Engineering Languages and Systems - Munich, Germany Duration: 15 Sept 2019 → 20 Sept 2019 Conference number: 22 https://modelsconf19.org/

Conference

Conference	International Conference on Model Driven Engineering Languages and Systems
Number	22
Country/Territory	Germany
City	Munich
Period	15/09/2019 → 20/09/2019
Internet address	https://modelsconf19.org/

Keywords

Model-to-Model Transformation (M2M)
Data Flow Diagram (DFD)
Security compliance
Security-by-design

Access to Document

10.1109/models.2019.00-18

Cite this

@inproceedings{aac1ed82d3bf438dbb8554c16c4642ad,

title = "Secure Data-Flow Compliance Checks between Models and Code Based on Automated Mappings",

abstract = "During the development of security-critical software, the system implementation must capture the security properties postulated by the architectural design. This paper presents an approach to support secure data-flow compliance checks between design models and code. To iteratively guide the developer in discovering such compliance violations we introduce automated mappings. These mappings are created by searching for correspondences between a design-level model (Security Data Flow Diagram) and an implementation-level model (Program Model). We limit the search space by considering name similarities between model elements and code elements as well as by the use of heuristic rules for matching data-flow structures. The main contributions of this paper are three-fold. First, the automated mappings support the designer in an early discovery of implementation absence, convergence, and divergence with respect to the planned software design. Second, the mappings also support the discovery of secure data-flow compliance violations in terms of illegal asset flows in the software implementation. Third, we present our implementation of the approach as a publicly available Eclipse plugin and its evaluation on five open source Java projects (including Eclipse secure storage).",

keywords = "Model-to-Model Transformation (M2M), Data Flow Diagram (DFD), Security compliance, Security-by-design",

author = "Peldszus, \{Sven Matthias\} and Katja Tuma and Daniel Str{\"u}ber and Jan J{\"u}rjens and Riccardo Scandariato",

year = "2019",

month = sep,

doi = "10.1109/models.2019.00-18",

language = "English",

isbn = "9781728125367",

pages = "23--33",

booktitle = "2019 ACM/IEEE 22nd International Conference on Model Driven Engineering Languages and Systems (MODELS)",

note = "International Conference on Model Driven Engineering Languages and Systems, MODELS ; Conference date: 15-09-2019 Through 20-09-2019",

url = "https://modelsconf19.org/",

}

Peldszus, SM, Tuma, K, Strüber, D, Jürjens, J & Scandariato, R 2019, Secure Data-Flow Compliance Checks between Models and Code Based on Automated Mappings. in 2019 ACM/IEEE 22nd International Conference on Model Driven Engineering Languages and Systems (MODELS). pp. 23-33, International Conference on Model Driven Engineering Languages and Systems, Munich, Bavaria, Germany, 15/09/2019. https://doi.org/10.1109/models.2019.00-18

Secure Data-Flow Compliance Checks between Models and Code Based on Automated Mappings. / Peldszus, Sven Matthias; Tuma, Katja; Strüber, Daniel et al.
2019 ACM/IEEE 22nd International Conference on Model Driven Engineering Languages and Systems (MODELS). 2019. p. 23-33.

Research output: Conference Article in Proceeding or Book/Report chapter › Article in proceedings › Research › peer-review

TY - GEN

T1 - Secure Data-Flow Compliance Checks between Models and Code Based on Automated Mappings

AU - Peldszus, Sven Matthias

AU - Tuma, Katja

AU - Strüber, Daniel

AU - Jürjens, Jan

AU - Scandariato, Riccardo

N1 - Conference code: 22

PY - 2019/9

Y1 - 2019/9

N2 - During the development of security-critical software, the system implementation must capture the security properties postulated by the architectural design. This paper presents an approach to support secure data-flow compliance checks between design models and code. To iteratively guide the developer in discovering such compliance violations we introduce automated mappings. These mappings are created by searching for correspondences between a design-level model (Security Data Flow Diagram) and an implementation-level model (Program Model). We limit the search space by considering name similarities between model elements and code elements as well as by the use of heuristic rules for matching data-flow structures. The main contributions of this paper are three-fold. First, the automated mappings support the designer in an early discovery of implementation absence, convergence, and divergence with respect to the planned software design. Second, the mappings also support the discovery of secure data-flow compliance violations in terms of illegal asset flows in the software implementation. Third, we present our implementation of the approach as a publicly available Eclipse plugin and its evaluation on five open source Java projects (including Eclipse secure storage).

AB - During the development of security-critical software, the system implementation must capture the security properties postulated by the architectural design. This paper presents an approach to support secure data-flow compliance checks between design models and code. To iteratively guide the developer in discovering such compliance violations we introduce automated mappings. These mappings are created by searching for correspondences between a design-level model (Security Data Flow Diagram) and an implementation-level model (Program Model). We limit the search space by considering name similarities between model elements and code elements as well as by the use of heuristic rules for matching data-flow structures. The main contributions of this paper are three-fold. First, the automated mappings support the designer in an early discovery of implementation absence, convergence, and divergence with respect to the planned software design. Second, the mappings also support the discovery of secure data-flow compliance violations in terms of illegal asset flows in the software implementation. Third, we present our implementation of the approach as a publicly available Eclipse plugin and its evaluation on five open source Java projects (including Eclipse secure storage).

KW - Model-to-Model Transformation (M2M)

KW - Data Flow Diagram (DFD)

KW - Security compliance

KW - Security-by-design

UR - http://dx.doi.org/10.1109/models.2019.00-18

U2 - 10.1109/models.2019.00-18

DO - 10.1109/models.2019.00-18

M3 - Article in proceedings

SN - 9781728125367

SP - 23

EP - 33

BT - 2019 ACM/IEEE 22nd International Conference on Model Driven Engineering Languages and Systems (MODELS)

T2 - International Conference on Model Driven Engineering Languages and Systems

Y2 - 15 September 2019 through 20 September 2019

ER -

Secure Data-Flow Compliance Checks between Models and Code Based on Automated Mappings

Abstract

Conference

Keywords

Access to Document

Fingerprint

Cite this