TY - GEN
T1 - Designing safe and secure embedded and cyber-physical systems with SysML-Sec
AU - Apvrille, Ludovic
AU - Roudier, Yves
N1 - Publisher Copyright:
© Springer International Publishing Switzerland 2015.
PY - 2015/1/1
Y1 - 2015/1/1
N2 - The introduction of security flaws into a system may result from design or implementation mistakes. It entails far-reaching consequences for connected embedded or cyber-physical systems, including physical harm. Security experts focus either on identifying and deriving security mechanisms from more or less explicitly defined security requirements or on the a posteriori assessment of vulnerabilities, namely pentesting. These approaches, however, often miss the necessary iterations between security countermeasures and system functionalities in terms of design and deployment. Worse, they generally fail to consider the implications of security issues for the system’s safety, for instance the adverse effect that security countermeasures may have on expected deadlines due to costly computations and communication latencies. SysML-Sec focuses on these issues throughout design and development thanks to its model-driven approach, which promotes exchanges between system architects, safety engineers, and security experts. This paper discusses how SysML-Sec can be used to deal simultaneously with safety and security requirements, and illustrates the methodology with an automotive use case.
AB - The introduction of security flaws into a system may result from design or implementation mistakes. It entails far-reaching consequences for connected embedded or cyber-physical systems, including physical harm. Security experts focus either on identifying and deriving security mechanisms from more or less explicitly defined security requirements or on the a posteriori assessment of vulnerabilities, namely pentesting. These approaches, however, often miss the necessary iterations between security countermeasures and system functionalities in terms of design and deployment. Worse, they generally fail to consider the implications of security issues for the system’s safety, for instance the adverse effect that security countermeasures may have on expected deadlines due to costly computations and communication latencies. SysML-Sec focuses on these issues throughout design and development thanks to its model-driven approach, which promotes exchanges between system architects, safety engineers, and security experts. This paper discusses how SysML-Sec can be used to deal simultaneously with safety and security requirements, and illustrates the methodology with an automotive use case.
U2 - 10.1007/978-3-319-27869-8_17
DO - 10.1007/978-3-319-27869-8_17
M3 - Conference contribution
AN - SCOPUS:84955298267
SN - 9783319278681
T3 - Communications in Computer and Information Science
SP - 293
EP - 308
BT - Model-Driven Engineering and Software Development - 3rd International Conference, MODELSWARD 2015, Revised Selected Papers
A2 - Pires, Luís Ferreira
A2 - Hammoudi, Slimane
A2 - Desfray, Philippe
A2 - Filipe, Joaquim
PB - Springer Verlag
T2 - 3rd International Conference on Model-Driven Engineering and Software Development, MODELSWARD 2015
Y2 - 9 February 2015 through 11 February 2015
ER -