Consistency Management for Security Annotations for Continuous Verification

Reiche, Frederik; Weber, Thomas; Becker, Simeon; Weber, Sebastian; Heinrich, Robert; Burger, Erik


Analyses on the architecture of systems can yield valuable insights into a system even before it is built. The applicability of the results of these design time analyses to the system requires the system to be built according to its specification, i.e., to not violate constraints defined on the architecture. The conformance of the results of static code analyses and design time analyses ensures the system is built according to its specification. The first step for conforming results of these analyses is to ensure that the system and its specification are represented consistently in the input of the design time analysis and static code analysis, i.e., they comprise corresponding system elements and specifications for them. To achieve conforming inputs, we used consistency specifications between architecture and code models and implemented them between annotation models that enrich the architecture description with security annotations on the architecture level, as well as security annotations on the code level. This allows continuous conformance checking during implementation and later during evolution of the system. We implemented the consistency specifications in the Vitruvius framework for an ADL and Java and tested them on case studies.

Affiliated institution(s) at KIT Institut für Informationssicherheit und Verlässlichkeit (KASTEL)
Publication type Proceedings contribution
Publication month/year 09.2024
Language English
Identifier ISBN: 9798400706226
KITopen-ID: 1000173493
HGF program 46.23.01 (POF IV, LK 01) Methods for Engineering Secure Systems
Published in ACM / IEEE 27th International Conference on Model Driven Engineering Languages and Systems Companion (MODELS-C)
Event 27th ACM/IEEE International Conference on Model Driven Engineering Languages and Systems (MODELS 2024), Lienz, Austria, 22.09.2024 – 27.09.2024
Publisher Association for Computing Machinery (ACM)
Pages 1096 - 1105
Indexed in Scopus

DOI: 10.5445/IR/1000173493
Published on 24.01.2025
