Skip to main content
SpringerLink
Log in

A Model-Driven and Generative Approach to Holistic Security

  • Chapter
  • First Online:
Resilience of Cyber-Physical Systems

Abstract

Functional and technical cyber-resilience gain increasing relevance for the health and integrity of connected and interoperating systems. In this chapter we demonstrate the power and flexibility of extreme model-driven design to provide holistic security to security-agnostic applications. Using C-IME, our integrated modelling environment for C/C++, we show how easily a modelled application can be enhanced with hardware security features fully automatically during code generation. We illustrate how to use this approach and design environment to make any modelled application ready to securely store its data in potentially insecure environments. The same approach can be used to secure communication over potentially insecure channels. In fact, our approach does not require any changes of the application model. Rather, our integrated modelling environment provides a dedicated modelling language for code generators which resorts to a Domain Specific Language for security. It is realized as a palette of security primitives whose implementation is based on underlying hardware security technology. The code generator injects security appropriately into the models of the applications under development. We illustrate the use of this security-injecting code generator on the case study of a to-do list management application. The code generator is generic and can be used to secure the file handling of any application modelled in the C-IME.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 119.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD 159.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    We call IMEs the integrated development environments for (graphical) modelling languages, in analogy to the IDEs (integrated development environments) for classical code-level programming like Eclipse or IntelliJ.

References

  1. Ancona D, Lagorio G, Zucca E (2002) A formal framework for java separate compilation. In: ECOOP Proceedings, ECOOP’02. Springer, London, pp 609–636

    Google Scholar 

  2. Björck F, Henkel M, Stirna J, Zdravkovic J (2015) Cyber resilience – Fundamentals for a definition. Springer, Cham, pp 311–316

    Google Scholar 

  3. Boßelmann S, Frohme M, Kopetzki D, Lybecait M, Naujokat S, Neubauer J, Wirkner D, Zweihoff P, Steffen B (2016) Dime: a programming-less modeling environment for web applications. In: Proceedings of the ISoLA’16 Proceedings. LNCS, vol 9953. Springer, Cham, pp 809–832

    Chapter  Google Scholar 

  4. Boßelmann S, Kühn D, Margaria T (2017) A fully model-based approach to the design of the secube™ community web app. In: Proceedings of the 2017 12th International Conference on Design Technology of Integrated Systems In Nanoscale Era (DTIS). IEEE, Piscataway, pp 1–7

    Google Scholar 

  5. Boßelmann S, Neubauer J, Naujokat S, Steffen B (2016) Model-driven design of secure high assurance systems: an introduction to the open platform from the user perspective. In: Margaria T, Solo MGA (eds) SAM’16. Special track “End-to-end Security and Cybersecurity: from the Hardware to Application”. CSREA Press, USA, pp 145–151

    Google Scholar 

  6. Devanbu PT, Stubblebine S (2000) Software engineering for security: a roadmap. In: FOSE Proceedings, ICSE’00. ACM, New York, pp 227–239

    Google Scholar 

  7. Dropbox. https://www.dropbox.com. Accessed 18 Nov 2017

  8. Dropbox hack leads to leaking of 68m user passwords on the internet. https://www.theguardian.com/technology/2016/aug/31/dropbox-hack-passwords-68m-data-breach. Accessed 18 Nov 2017

  9. Elahi G, Yu E, Li T, Liu L (2011) Security requirements engineering in the wild: a survey of common practices. In: Proceedings of the 2011 IEEE 35th COMPSAC. IEEE, Piscataway, pp 314–319

    Google Scholar 

  10. Engeler E (1971) Structure and meaning of elementary programs. In: Proceedings of the Symposium on Semantics of Algorithmic Languages. Springer, Berlin, pp 89–101

    Chapter  Google Scholar 

  11. Farulla GA, Indaco M, Legay A, Margaria T (2016) Model driven design of secure properties for vision-based applications: a case study. In: Proceedings of the International Conference on Security and Management (SAM). World Congress in Computer Science Computer Engineering and Applied Computing (WorldComp). CSREA Press, USA, pp 1–6

    Google Scholar 

  12. Farulla GA, Lamprecht AL (2017) Model checking of security properties: a case study on human-robot interaction processes. In: Proceedings of the 2017 12th International Conference on Design Technology of Integrated Systems in Nanoscale Era (DTIS). IEEE, Piscataway, pp 1–6

    Google Scholar 

  13. Farulla GA, Prinetto P, Varriale A (2017) Holistic security via complex HW/SW platforms. In: Proceedings of the 2017 12th International Conference on Design Technology of Integrated Systems in Nanoscale Era (DTIS). IEEE, Piscataway, pp 1–6

    Google Scholar 

  14. Google Drive. https://www.google.com/drive. Accessed 18 Nov 2017

  15. Gossen F, Neubauer J, Steffen B (2017) Securing C/C++ applications with a secube™-based model-driven approach. In: Proceedings of the 2017 12th International Conference on Design Technology of Integrated Systems in Nanoscale Era (DTIS). IEEE, Piscataway, pp 1–7

    Google Scholar 

  16. Gossen F, Tiziana M, Göke T (2016) Modelling the people recognition pipeline in access control systems. Proc Inst Syst Program RAS 28:205–220

    Article  Google Scholar 

  17. Jonsson B, Margaria T, Naeser G, Nyström J, Steffen B (2001) Incremental requirement specification for evolving systems. Nordic J Comput, 8(1):65–87

    MATH  Google Scholar 

  18. Jorges S, Kubczak C, Pageau F, Margaria T (2007) Model driven design of reliable robot control programs using the jABC. In: Fourth IEEE International Workshop on Engineering of Autonomic and Autonomous Systems, EASe’07. IEEE, Piscataway, pp 137–148

    Chapter  Google Scholar 

  19. Jörges S, Lamprecht AL, Margaria T, Schaefer I, Steffen B (2012) A constraint-based variability modeling framework. Int J Softw Tools Technol Transfer, Springer, Berlin, Heidelberg, 14(5):511–530

    Article  Google Scholar 

  20. Jörges S, Margaria T, Steffen B (2008) Genesys: service-oriented construction of property conform code generators. Innov Syst Softw Eng 4(4):361–384

    Article  Google Scholar 

  21. Kiczales G, Lamping J, Mendhekar A, Maeda C, Lopes C, Loingtier JM, Irwin J (1997) Aspect-oriented programming. In: Akşit M, Matsuoka S (eds) ECOOP’97. LNCS, vol 1241. Springer, Berlin, pp 220–242

    Google Scholar 

  22. Lamprecht AL, Naujokat S, Margaria T, Steffen B (2010) Synthesis-based loose programming. In: Proceedings of the 2010 Seventh International Conference on the Quality of Information and Communications Technology. IEEE, Piscataway, pp 262–267

    Google Scholar 

  23. Lamprecht A, Steffen B, Margaria T (2016) Scientific workflows with the jABC framework – a review after a decade in the field. STTT 18(6):629–651

    Article  Google Scholar 

  24. Margaria T, Steffen B (2007) LTL guided planning: revisiting automatic tool composition in ETI. In: Proceedings of the 31st IEEE Software Engineering Workshop (SEW 2007). IEEE, Piscataway, pp 214–226

    Chapter  Google Scholar 

  25. Margaria T, Steffen B (2010) Simplicity as a driver for agile innovation. Computer 43(6):90–92

    Article  Google Scholar 

  26. Margaria T, Floyd BD, Steffen B (2011) IT simply works: simplicity and embedded systems design. In: Proceedings of the IEEE 35th COMPSACW. IEEE, Piscataway, pp 194–199

    Google Scholar 

  27. Margaria T, Steffen B (2004) Lightweight coarse-grained coordination: a scalable system-level approach. STTT 5(2–3):107–123

    Article  Google Scholar 

  28. Margaria T, Steffen B (2008) Agile IT: thinking in user-centric models. In: Margaria T, Steffen B (eds) ISoLA’08 Proceedings. Springer, Berlin/Heidelberg, pp 490–502

    Google Scholar 

  29. Margaria T, Steffen B (2009) Business process modelling in the jABC: the one-thing-approach. In: Cardoso J, van der Aalst W (eds) Handbook of research on business process modeling. IGI Global, Hershey

    Google Scholar 

  30. Margaria T, Steffen B (2012) Service-orientation: conquering complexity with XMDD. In: Hinchey M, Coyle L (eds) Conquering complexity. Springer, London, pp 217–236

    Chapter  Google Scholar 

  31. Naujokat S, Lybecait M, Kopetzki D, Steffen B (2018) Cinco: a simplicity-driven approach to full generation of domain-specific graphical modeling tools. Int J Softw Tools Technol Transfer 20:327. https://doi.org/10.1007/s10009-017-0453-6

    Article  Google Scholar 

  32. Neubauer J, Steffen B (2013) Plug-and-play higher-order process integration. Computer 46(11):56–62

    Article  Google Scholar 

  33. Neubauer J, Steffen B (2013) Second-order servification. In: Herzwurm G, Margaria T (eds) Software business. From physical products to software services and solutions. LNBIP, vol 150. Springer, Heidelberg, pp 13–25

    Chapter  Google Scholar 

  34. Onedrive. https://onedrive.live.com. Accessed 18 Nov 2017

  35. Sklavos N, Touliou K, Efstathiou C (2006) Exploiting cryptographic architectures over hardware vs. software implementations: advantages and trade-offs. In: Biolek D (ed) AEE’06 Proceedings, WSEAS. Stevens Point, Wisconsin, pp 147–151

    Google Scholar 

  36. Steffen B, Margaria T, Freitag B (1993) Module configuration by minimal model construction. Technical report, Technical Report MIP Technical Report MIP 9313, Fakultät für Mathematik und Informatik, Universität Passau

    Google Scholar 

  37. Steffen B, Naujokat S (2016) Archimedean points: the essence for mastering change. Trans Found Mastering Change 1:22–46

    Article  Google Scholar 

  38. Varriale A, Vatajelu EI, Natale GD, Prinetto P, Trotta P, Margaria T (2016) Secube™: an open-source security platform in a single SOC. In: DTIS Proceedings. IEEE, Piscataway, pp 1–6

    Google Scholar 

Download references

Acknowledgements

This work was supported, in part, by Science Foundation Ireland grant 13/RC/2094 and co-funded under the European Regional Development Fund through the Southern & Eastern Regional Operational Programme to Lero - the Irish Software Research Centre (www.lero.ie).

Author information

Authors and Affiliations

  1. University of Limerick and Lero – The Irish Software Research Centre, Limerick, Ireland

    Frederik Gossen & Tiziana Margaria

  2. TU Dortmund University, Dortmund, Germany

    Johannes Neubauer & Bernhard Steffen

Authors
  1. Frederik Gossen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Tiziana Margaria
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Johannes Neubauer
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Bernhard Steffen
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Frederik Gossen .

Editor information

Editors and Affiliations

  1. Chair, IEEE SMC Technical Committee on Homeland Security, Rome, Italy

    Francesco Flammini

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer International Publishing AG, part of Springer Nature

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Gossen, F., Margaria, T., Neubauer, J., Steffen, B. (2019). A Model-Driven and Generative Approach to Holistic Security. In: Flammini, F. (eds) Resilience of Cyber-Physical Systems. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-319-95597-1_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-95597-1_6

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-95596-4

  • Online ISBN: 978-3-319-95597-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation