SysML-Sec: A SysML Environment for the Design and Development of Secure Embedded Systems

Ludovic Apvrille (1, 2), Yves Roudier (3)
1 LabSoC - System on Chip
LTCI - Laboratoire Traitement et Communication de l'Information
Abstract:

Designing a secure system has always been a difficult exercise. In practice, much of the focus for designers and developers has been on delivering a working system in the first place. Security concerns have long been considered only in retrospect, especially after serious flaws are discovered. On the contrary, safety issues are commonly taken into account from the very first development phases. However, the size, heterogeneity, and communication features of modern embedded systems make it compelling to develop an appropriate engineering methodology to more explicitly define security objectives and threats. All this complexity also makes it compelling to verify that requirements are consistent with and satisfied by a candidate design before any commitment to a particular implementation. This paper introduces SysML-Sec, a new SysML environment that makes it possible for security experts to intervene at all methodological stages, as well as to assess the impact of security over safety. Safety and security requirements are first captured within extended SysML Requirement diagrams. Attacks are organized within Parametric diagrams, where assets are represented with blocks. Since assets in embedded systems are composed of functional and architectural elements of the system, requirements are linked to assets, and subsequently to attacks, in a partitioning stage. The partitioning phase includes a functional description, a description of the hardware architecture, and a mapping stage in which functions and communications between functions are mapped over hardware components. Once partitioned, software-implemented functions are designed with communicating blocks and state machines. Executable code can then be generated from design diagrams. An automotive embedded application, developed with industrial partners in the scope of the FP7 European project EVITA, illustrates the relevance of SysML-Sec. This use case was modeled with the open-source tool TTool, which supports SysML-Sec as well as safety/security simulation and formal proof.

https://hal.telecom-paristech.fr/hal-02288385
Contributor: Telecomparis Hal
Submitted on: Saturday, September 14, 2019 - 6:44:49 PM
Last modification on: Tuesday, November 5, 2019 - 9:32:04 AM

Identifiers

  • HAL Id: hal-02288385, version 1

Citation

Ludovic Apvrille, Yves Roudier. SysML-Sec: A SysML Environment for the Design and Development of Secure Embedded Systems. APCOSEC 2013, Aug 2013, Yokohama, Japan. ⟨hal-02288385⟩
