SysML-Sec: A SysML Environment for the Design and Development of Secure Embedded Systems - Télécom Paris
Conference paper, Year: 2013

Yves Roudier

Abstract

Designing a secure system has always been a difficult exercise. In practice, much of the focus for designers and developers has been on delivering a working system in the first place. Security concerns have long been considered only in retrospect, especially after serious flaws are discovered. By contrast, safety issues are commonly taken into account from the very first development phases. However, the size, heterogeneity, and communication features of modern embedded systems make it compelling to develop an appropriate engineering methodology that defines security objectives and threats more explicitly. All this complexity also makes it compelling to verify that requirements are consistent with, and satisfied by, a candidate design before any commitment to a particular implementation. This paper introduces SysML-Sec, a new SysML environment that makes it possible for security experts to intervene at all methodological stages, as well as to assess the impact of security on safety. Safety and security requirements are first captured within extended SysML Requirement diagrams. Attacks are organized within Parametric diagrams, where assets are represented with blocks. Since assets in embedded systems are composed of functional and architectural elements of the system, requirements are linked to assets, and subsequently to attacks, in a partitioning stage. The partitioning phase includes a functional description, a description of the hardware architecture, and a mapping stage in which functions and communications between functions are mapped onto hardware components. Once partitioned, software-implemented functions are designed with communicating blocks and state machines. Executable code can then be generated from design diagrams. An automotive embedded application, developed with industrial partners in the scope of the FP7 European project EVITA, illustrates the relevance of SysML-Sec. This use case was modeled with the open-source tool TTool, which supports SysML-Sec as well as safety/security simulation and formal proof.
No file deposited

Dates and versions

hal-02288385 , version 1 (14-09-2019)

Identifiers

  • HAL Id : hal-02288385 , version 1

Cite

Ludovic Apvrille, Yves Roudier. SysML-Sec: A SysML Environment for the Design and Development of Secure Embedded Systems. APCOSEC 2013, Aug 2013, Yokohama, Japan. ⟨hal-02288385⟩
128 views
0 downloads
