Managing Timing Implications of Security Aspects in Model-Driven Development of Real-Time Embedded Systems
Mälardalen University, School of Innovation, Design and Engineering. (IS) ORCID iD: 0000-0002-1512-0844
Mälardalen University, School of Innovation, Design and Engineering. (IS) ORCID iD: 0000-0003-0416-1787
Mälardalen University, School of Innovation, Design and Engineering. (IS) ORCID iD: 0000-0001-7586-0409
2012 (English). In: International Journal On Advances in Security, ISSN 1942-2636, Vol. 5, no 3/4, 68-80 p. Article in journal (Refereed). Published
Abstract [en]

Considering security as an afterthought and adding security aspects to a system late in the development process has now been realized to be an inefficient and bad approach to security. The trend is to bring security considerations as early as possible in the design of systems. This is especially critical in certain domains such as real-time embedded systems. Due to different constraints and resource limitations that these systems have, the costs and implications of security features should be carefully evaluated in order to find appropriate ones which respect the constraints of the system. Model-Driven Development (MDD) and Component-Based Development (CBD) are two software engineering disciplines which help to cope with the increasing complexity of real-time embedded systems. While CBD enables the reuse of functionality and analysis results by building systems out of already existing components, MDD helps to increase the abstraction level, perform analysis at earlier phases of development, and also promotes automatic code generation. By using these approaches and including security aspects in the design models, it becomes possible to consider security from early phases of development and also identify the implications of security features. Timing issues are one of the most important factors for successful design of real-time embedded systems. In this paper, we provide an approach using MDD and CBD methods to make it easier for system designers to include security aspects in the design of systems and identify and manage their timing implications and costs. Among different security mechanisms to satisfy security requirements, our focus in this paper is mainly on using encryption and decryption algorithms and consideration of their timing costs to design secure systems.

Place, publisher, year, edition, pages
2012. Vol. 5, no 3/4, 68-80 p.
National Category
Engineering and Technology
Identifiers
URN: urn:nbn:se:mdh:diva-17422
OAI: oai:DiVA.org:mdh-17422
DiVA: diva2:579753
Available from: 2012-12-20. Created: 2012-12-20. Last updated: 2015-02-04. Bibliographically approved
In thesis
1. Preservation of Extra-Functional Properties in Embedded Systems Development
2015 (English). Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

The interaction of embedded systems with their environments and their resource limitations make it important to take into account properties such as timing, security, and resource consumption in designing such systems. These so-called Extra-Functional Properties (EFPs) capture and describe the quality and characteristics of a system, and they need to be taken into account from early phases of development and throughout the system's lifecycle. An important challenge in this context is to ensure that the EFPs that are defined at early design phases are actually preserved throughout detailed design phases as well as during the execution of the system on its platform. In this thesis, we provide solutions to help with the preservation of EFPs; targeting both system design phases and system execution on the platform. Starting from requirements, which form the constraints of EFPs, we propose an approach for modeling Non-Functional Requirements (NFRs) and evaluating different design alternatives with respect to the satisfaction of the NFRs. Considering the relationship and trade-off among EFPs, an approach for balancing timing versus security properties is introduced. Our approach enables balancing in two ways: in a static way resulting in a fixed set of components in the design model that are analyzed and thus verified to be balanced with respect to the timing and security properties, and also in a dynamic way during the execution of the system through runtime adaptation. Considering the role of the platform in preservation of EFPs and mitigating possible violations of them, an approach is suggested to enrich the platform with necessary mechanisms to enable monitoring and enforcement of timing properties. In the thesis, we also identify and demonstrate the issues related to accuracy in monitoring EFPs, how accuracy can affect the decisions that are made based on the collected information, and propose a technique to tackle this problem. 
As another contribution, we also show how runtime monitoring information collected about EFPs can be used to fine-tune design models until a desired set of EFPs are achieved. We have also developed a testing framework which enables automatic generation of test cases in order to verify the actual behavior of a system against its desired behavior. On a high level, the contributions of the thesis are thus twofold: proposing methods and techniques to 1) improve maintenance of EFPs within their correct range of values during system design, 2) identify and mitigate possible violations of EFPs at runtime.

Place, publisher, year, edition, pages
Västerås: Mälardalen University, 2015
Series
Mälardalen University Press Dissertations, ISSN 1651-4238 ; 171
Keyword
Software Engineering, Embedded Systems, Non-Functional Requirements, Extra-Functional Properties, Model-Driven Development, Trade-off analysis
National Category
Computer Systems Embedded Systems
Research subject
Computer Science
Identifiers
urn:nbn:se:mdh:diva-27300 (URN)
978-91-7485-182-3 (ISBN)
Public defence
2015-02-24, Gamma, Mälardalens högskola, Västerås, 13:15 (English)
Opponent
Supervisors
Projects
CHESS, MBAT, ITS-EASY
Available from: 2015-01-12. Created: 2015-01-12. Last updated: 2015-02-02. Bibliographically approved

Open Access in DiVA

No full text

Other links

http://www.iariajournals.org/security/sec_v5_n34_2012_paged.pdf

Search in DiVA

By author/editor
Saadatmand, Mehrdad; Leveque, Thomas; Cicchetti, Antonio; Sjödin, Mikael
By organisation
School of Innovation, Design and Engineering
Engineering and Technology
