4pm Tuesday 26 June 2001
Room 2511, JCMB, King's Buildings
Designing security-critical systems correctly is very difficult. Many published designs of system components (such as security protocols) have been found to contain flaws (often years later).
We propose to use a fragment of UML together with a formal semantics to specify security-critical systems precisely and to evaluate the specification wrt security requirements.
Benefits of the approach include: - security requirements or assumptions on system components can be expressed conveniently using the UML extension mechanisms - through its different kinds of diagrams UML offers views on different security-relevant aspects of the system (e.g. physical layer, security management) - UML is more widely used by developers than "traditional" formal specification languages.
In this talk I give an overview of the work along these lines presented at FASE'01, IFIP SEC'01, IWSecP'01 and VIS'01.
Martin Grohe
Monday 18 June 2001
An error occured whilst processing this directive