Towards the model-driven engineering of security requirements for embedded systems

Yves Roudier; Muhammad Sabir Idrees; Ludovic Apvrille

doi:10.1109/MoDRE.2013.6597264

Towards the model-driven engineering of security requirements for embedded systems

Yves Roudier, Muhammad Sabir Idrees, Ludovic Apvrille

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

This paper discusses why and how security requirements engineering must be adapted to the model-driven approach usually adopted to design and develop embedded systems. In particular, we discuss to what extent the elicitation of security requirements and the Y-chart partitioning approach, a central design methodology in embedded systems, can mutually enrich each other. We also show how SysML, which is already commonly used to engineer requirements in embedded systems, can also represent security requirements, assets, and threats with only a few extensions and thus support a more comprehensive requirements engineering methodology. We illustrate the use of our overall methodology and toolkit with examples from the automotive embedded system field in order to demonstrate the relevance of our approach.

Original language	English
Title of host publication	2013 3rd International Workshop on Model-Driven Requirements Engineering, MoDRE 2013 - Proceedings
Pages	55-64
Number of pages	10
DOIs	https://doi.org/10.1109/MoDRE.2013.6597264
Publication status	Published - 21 Oct 2013
Externally published	Yes
Event	2013 3rd International Workshop on Model-Driven Requirements Engineering, MoDRE 2013 - Rio de Janeiro, Brazil Duration: 15 Jul 2013 → 15 Jul 2013

Publication series

Name	2013 3rd International Workshop on Model-Driven Requirements Engineering, MoDRE 2013 - Proceedings

Conference

Conference	2013 3rd International Workshop on Model-Driven Requirements Engineering, MoDRE 2013
Country/Territory	Brazil
City	Rio de Janeiro
Period	15/07/13 → 15/07/13

Keywords

Communication System Security
Component Architectures
Computer Security
Design methodology
Embedded Systems
Security Requirements Engineering
System-level design

Access to Document

10.1109/MoDRE.2013.6597264

Cite this

Roudier, Y., Idrees, M. S., & Apvrille, L. (2013). Towards the model-driven engineering of security requirements for embedded systems. In 2013 3rd International Workshop on Model-Driven Requirements Engineering, MoDRE 2013 - Proceedings (pp. 55-64). Article 6597264 (2013 3rd International Workshop on Model-Driven Requirements Engineering, MoDRE 2013 - Proceedings). https://doi.org/10.1109/MoDRE.2013.6597264

@inproceedings{905f9306f9824f518878384280273841,

title = "Towards the model-driven engineering of security requirements for embedded systems",

abstract = "This paper discusses why and how security requirements engineering must be adapted to the model-driven approach usually adopted to design and develop embedded systems. In particular, we discuss to what extent the elicitation of security requirements and the Y-chart partitioning approach, a central design methodology in embedded systems, can mutually enrich each other. We also show how SysML, which is already commonly used to engineer requirements in embedded systems, can also represent security requirements, assets, and threats with only a few extensions and thus support a more comprehensive requirements engineering methodology. We illustrate the use of our overall methodology and toolkit with examples from the automotive embedded system field in order to demonstrate the relevance of our approach.",

keywords = "Communication System Security, Component Architectures, Computer Security, Design methodology, Embedded Systems, Security Requirements Engineering, System-level design",

author = "Yves Roudier and Idrees, \{Muhammad Sabir\} and Ludovic Apvrille",

year = "2013",

month = oct,

day = "21",

doi = "10.1109/MoDRE.2013.6597264",

language = "English",

isbn = "9781479909469",

series = "2013 3rd International Workshop on Model-Driven Requirements Engineering, MoDRE 2013 - Proceedings",

pages = "55--64",

booktitle = "2013 3rd International Workshop on Model-Driven Requirements Engineering, MoDRE 2013 - Proceedings",

note = "2013 3rd International Workshop on Model-Driven Requirements Engineering, MoDRE 2013 ; Conference date: 15-07-2013 Through 15-07-2013",

}

Roudier, Y, Idrees, MS & Apvrille, L 2013, Towards the model-driven engineering of security requirements for embedded systems. in 2013 3rd International Workshop on Model-Driven Requirements Engineering, MoDRE 2013 - Proceedings., 6597264, 2013 3rd International Workshop on Model-Driven Requirements Engineering, MoDRE 2013 - Proceedings, pp. 55-64, 2013 3rd International Workshop on Model-Driven Requirements Engineering, MoDRE 2013, Rio de Janeiro, Brazil, 15/07/13. https://doi.org/10.1109/MoDRE.2013.6597264

Towards the model-driven engineering of security requirements for embedded systems. / Roudier, Yves; Idrees, Muhammad Sabir; Apvrille, Ludovic.
2013 3rd International Workshop on Model-Driven Requirements Engineering, MoDRE 2013 - Proceedings. 2013. p. 55-64 6597264 (2013 3rd International Workshop on Model-Driven Requirements Engineering, MoDRE 2013 - Proceedings).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Towards the model-driven engineering of security requirements for embedded systems

AU - Roudier, Yves

AU - Idrees, Muhammad Sabir

AU - Apvrille, Ludovic

PY - 2013/10/21

Y1 - 2013/10/21

N2 - This paper discusses why and how security requirements engineering must be adapted to the model-driven approach usually adopted to design and develop embedded systems. In particular, we discuss to what extent the elicitation of security requirements and the Y-chart partitioning approach, a central design methodology in embedded systems, can mutually enrich each other. We also show how SysML, which is already commonly used to engineer requirements in embedded systems, can also represent security requirements, assets, and threats with only a few extensions and thus support a more comprehensive requirements engineering methodology. We illustrate the use of our overall methodology and toolkit with examples from the automotive embedded system field in order to demonstrate the relevance of our approach.

AB - This paper discusses why and how security requirements engineering must be adapted to the model-driven approach usually adopted to design and develop embedded systems. In particular, we discuss to what extent the elicitation of security requirements and the Y-chart partitioning approach, a central design methodology in embedded systems, can mutually enrich each other. We also show how SysML, which is already commonly used to engineer requirements in embedded systems, can also represent security requirements, assets, and threats with only a few extensions and thus support a more comprehensive requirements engineering methodology. We illustrate the use of our overall methodology and toolkit with examples from the automotive embedded system field in order to demonstrate the relevance of our approach.

KW - Communication System Security

KW - Component Architectures

KW - Computer Security

KW - Design methodology

KW - Embedded Systems

KW - Security Requirements Engineering

KW - System-level design

U2 - 10.1109/MoDRE.2013.6597264

DO - 10.1109/MoDRE.2013.6597264

M3 - Conference contribution

AN - SCOPUS:84885661791

SN - 9781479909469

T3 - 2013 3rd International Workshop on Model-Driven Requirements Engineering, MoDRE 2013 - Proceedings

SP - 55

EP - 64

BT - 2013 3rd International Workshop on Model-Driven Requirements Engineering, MoDRE 2013 - Proceedings

T2 - 2013 3rd International Workshop on Model-Driven Requirements Engineering, MoDRE 2013

Y2 - 15 July 2013 through 15 July 2013

ER -

Roudier Y, Idrees MS, Apvrille L. Towards the model-driven engineering of security requirements for embedded systems. In 2013 3rd International Workshop on Model-Driven Requirements Engineering, MoDRE 2013 - Proceedings. 2013. p. 55-64. 6597264. (2013 3rd International Workshop on Model-Driven Requirements Engineering, MoDRE 2013 - Proceedings). doi: 10.1109/MoDRE.2013.6597264

Towards the model-driven engineering of security requirements for embedded systems

Abstract

Publication series

Conference

Keywords

Access to Document

Fingerprint

Cite this