An extensive systematic review on the Model-Driven Development of secure systems

Context: Model-Driven Security (MDS) is as a specialised Model-Driven Engineering research area for supporting the development of secure systems. Over a decade of research on \{MDS\} has resulted in a large number of publications. Objective: To provide a detailed analysis of the state of the art in MDS, a systematic literature review (SLR ) is essential. Method: We conducted an extensive \{SLR\} on MDS. Derived from our research questions, we designed a rigorous, extensive search and selection process to identify a set of primary \{MDS\} studies that is as complete as possible. Our three-pronged search process consists of automatic searching, manual searching, and snowballing. After discovering and considering more than thousand relevant papers, we identified, strictly selected, and reviewed 108 \{MDS\} publications. Results: The results of our \{SLR\} show the overall status of the key artefacts of MDS, and the identified primary \{MDS\} studies. For example, regarding security modelling artefact, we found that developing domain-specific languages plays a key role in many \{MDS\} approaches. The current limitations in each \{MDS\} artefact are pointed out and corresponding potential research directions are suggested. ... mehrMoreover, we categorise the identified primary \{MDS\} studies into 5 significant \{MDS\} studies, and other emerging or less common \{MDS\} studies. Finally, some trend analyses of \{MDS\} research are given. Conclusion: Our results suggest the need for addressing multiple security concerns more systematically and simultaneously, for tool chains supporting the \{MDS\} development cycle, and for more empirical studies on the application of \{MDS\} methodologies. To the best of our knowledge, this \{SLR\} is the first in the field of Software Engineering that combines a snowballing strategy with database searching. This combination has delivered an extensive literature study on MDS.