Managing Timing Implications of Security Aspects in Model-Driven Development of Real-Time Embedded Systems
Mälardalens högskola, Akademin för innovation, design och teknik. (IS) ORCID iD: 0000-0002-1512-0844
Mälardalens högskola, Akademin för innovation, design och teknik. (IS) ORCID iD: 0000-0003-0416-1787
Mälardalens högskola, Akademin för innovation, design och teknik. (IS) ORCID iD: 0000-0001-7586-0409
2012 (English). In: International Journal On Advances in Security, ISSN 1942-2636, Vol. 5, no. 3/4, pp. 68-80. Journal article (peer-reviewed). Published
Abstract [en]

Considering security as an afterthought and adding security aspects to a system late in the development process has now been realized to be an inefficient and bad approach to security. The trend is to bring security considerations as early as possible in the design of systems. This is especially critical in certain domains such as real-time embedded systems. Due to different constraints and resource limitations that these systems have, the costs and implications of security features should be carefully evaluated in order to find appropriate ones which respect the constraints of the system. Model-Driven Development (MDD) and Component-Based Development (CBD) are two software engineering disciplines which help to cope with the increasing complexity of real-time embedded systems. While CBD enables the reuse of functionality and analysis results by building systems out of already existing components, MDD helps to increase the abstraction level, perform analysis at earlier phases of development, and also promotes automatic code generation. By using these approaches and including security aspects in the design models, it becomes possible to consider security from early phases of development and also identify the implications of security features. Timing issues are one of the most important factors for successful design of real-time embedded systems. In this paper, we provide an approach using MDD and CBD methods to make it easier for system designers to include security aspects in the design of systems and identify and manage their timing implications and costs. Among different security mechanisms to satisfy security requirements, our focus in this paper is mainly on using encryption and decryption algorithms and consideration of their timing costs to design secure systems.

Place, publisher, year, edition, pages
2012. Vol. 5, no. 3/4, pp. 68-80
HSV category
Identifiers
URN: urn:nbn:se:mdh:diva-17422
OAI: oai:DiVA.org:mdh-17422
DiVA, id: diva2:579753
Available from: 2012-12-20 Created: 2012-12-20 Last updated: 2015-02-04 (bibliographically approved)
In thesis
1. Preservation of Extra-Functional Properties in Embedded Systems Development
2015 (English). Doctoral thesis, with articles (Other academic)
Abstract [en]

The interaction of embedded systems with their environments and their resource limitations make it important to take into account properties such as timing, security, and resource consumption in designing such systems. These so-called Extra-Functional Properties (EFPs) capture and describe the quality and characteristics of a system, and they need to be taken into account from early phases of development and throughout the system's lifecycle. An important challenge in this context is to ensure that the EFPs that are defined at early design phases are actually preserved throughout detailed design phases as well as during the execution of the system on its platform. In this thesis, we provide solutions to help with the preservation of EFPs; targeting both system design phases and system execution on the platform. Starting from requirements, which form the constraints of EFPs, we propose an approach for modeling Non-Functional Requirements (NFRs) and evaluating different design alternatives with respect to the satisfaction of the NFRs. Considering the relationship and trade-off among EFPs, an approach for balancing timing versus security properties is introduced. Our approach enables balancing in two ways: in a static way resulting in a fixed set of components in the design model that are analyzed and thus verified to be balanced with respect to the timing and security properties, and also in a dynamic way during the execution of the system through runtime adaptation. Considering the role of the platform in preservation of EFPs and mitigating possible violations of them, an approach is suggested to enrich the platform with necessary mechanisms to enable monitoring and enforcement of timing properties. In the thesis, we also identify and demonstrate the issues related to accuracy in monitoring EFPs, how accuracy can affect the decisions that are made based on the collected information, and propose a technique to tackle this problem. 
As another contribution, we also show how runtime monitoring information collected about EFPs can be used to fine-tune design models until a desired set of EFPs are achieved. We have also developed a testing framework which enables automatic generation of test cases in order to verify the actual behavior of a system against its desired behavior. On a high level, the contributions of the thesis are thus twofold: proposing methods and techniques to 1) improve maintenance of EFPs within their correct range of values during system design, 2) identify and mitigate possible violations of EFPs at runtime.

Place, publisher, year, edition, pages
Västerås: Mälardalen University, 2015
Series
Mälardalen University Press Dissertations, ISSN 1651-4238 ; 171
Keywords
Software Engineering, Embedded Systems, Non-Functional Requirements, Extra-Functional Properties, Model-Driven Development, Trade-off analysis
HSV category
Research program
Computer Science
Identifiers
urn:nbn:se:mdh:diva-27300 (URN)
978-91-7485-182-3 (ISBN)
Public defence
2015-02-24, Gamma, Mälardalens högskola, Västerås, 13:15 (English)
Opponent
Supervisor
Projects
CHESS, MBAT, ITS-EASY
Available from: 2015-01-12 Created: 2015-01-12 Last updated: 2015-02-02 (bibliographically approved)

Open Access in DiVA

No full text in DiVA

Other links

http://www.iariajournals.org/security/sec_v5_n34_2012_paged.pdf

Person records

Saadatmand, Mehrdad; Cicchetti, Antonio; Sjödin, Mikael

Search in DiVA

By author/editor
Saadatmand, Mehrdad; Leveque, Thomas; Cicchetti, Antonio; Sjödin, Mikael