A model-driven and generative approach to holistic security

Frederik Gossen, Tiziana Margaria, Johannes Neubauer, Bernhard Steffen

Research output: Chapter in Book/Report/Conference proceedingChapterpeer-review

Abstract

Functional and technical cyber-resilience gain increasing relevance for the health and integrity of connected and interoperating systems. In this chapter we demonstrate the power and flexibility of extreme model-driven design to provide holistic security to security-agnostic applications. Using C-IME, our integrated modelling environment for C/C++, we show how easily a modelled application can be enhanced with hardware security features fully automatically during code generation. We illustrate how to use this approach and design environment to make any modelled application ready to securely store its data in potentially insecure environments. The same approach can be used to secure communication over potentially insecure channels. In fact, our approach does not require any changes of the application model. Rather, our integrated modelling environment provides a dedicated modelling language for code generators which resorts to a Domain Specific Language for security. It is realized as a palette of security primitives whose implementation is based on underlying hardware security technology. The code generator injects security appropriately into the models of the applications under development. We illustrate the use of this security-injecting code generator on the case study of a to-do list management application. The code generator is generic and can be used to secure the file handling of any application modelled in the C-IME.

Original languageEnglish
Title of host publicationAdvanced Sciences and Technologies for Security Applications
PublisherSpringer
Pages123-147
Number of pages25
DOIs
Publication statusPublished - 2019

Publication series

NameAdvanced Sciences and Technologies for Security Applications
ISSN (Print)1613-5113
ISSN (Electronic)2363-9466

Fingerprint

Dive into the research topics of 'A model-driven and generative approach to holistic security'. Together they form a unique fingerprint.

Cite this