We also plan to provide a toolbox of Attacker Models, giving the designer templates or example attack scenarios, such as DDoS attacks, replay attacks, brute-forcing of keys, etc., that he/she can then further enhance. While our current security prover ProVerif has limited support for mathematical operations, we plan to integrate safety and security verification to allow formal evaluation of the plausibility and coherence checks that we currently perform with simulation. We may find a different security prover, or integrate security reasoning into our reachability graphs. Furthermore, we would like to better connect analysis and implementation, for example by linking Requirements Diagrams with implemented countermeasures. Our ultimate goal is a comprehensive methodology for systematic modeling and verification of security.
MODELSWARD 2018 - 6th International Conference on Model-Driven Engineering and Software Development