Skip header Section
Skip Bibliometrics Section
Secure Systems Development with UMLJanuary 2010
- Author:
- Jan Jrjens
Skip Abstract Section
Abstract
The correct development of security-critical computer systems is as vital as it is difficult. This book presents the extension UMLsec of the Unified Modeling Language for secure systems development. The book is written in a way which keeps the first part (ch 1-5), describing UMLsec and ist use, accessible to anyone with an interest in computer security and a basic background on object-oriented systems. It can also be used as part of a general course on applying UML or on computer security. The second part (ch 6-9) is about the mathematical tools needed to use the UMLsec approach to verify UML specifications against security requirements and assumes some familarity with precise methods of system development. A practically relevant example is used throughout the book to demonstrate the presented methods.
Cited By
Pattakou A, Diamantopoulou V, Kalloniatis C and Gritzalis S A Unified Framework for GDPR Compliance in Cloud Computing Proceedings of the 19th International Conference on Availability, Reliability and Security, (1-9)- Wideł W, Hacks S, Ekstedt M, Johnson P and Lagerström R (2023). The meta attack language - a formal description, Computers and Security, 130:C, Online publication date: 1-Jul-2023.
- Chaleshtari N, Pastore F, Goknil A and Briand L (2023). Metamorphic Testing for Web System Security, IEEE Transactions on Software Engineering, 49:6, (3430-3471), Online publication date: 1-Jun-2023.
- El-Attar M (2023). Evaluating the accessibility of a PoN-enabled misuse case notation by the red–green colorblind community, Software and Systems Modeling (SoSyM), 22:1, (247-272), Online publication date: 1-Feb-2023.
- Tuma K, Peldszus S, Strüber D, Scandariato R and Jürjens J (2023). Checking security compliance between models and code, Software and Systems Modeling (SoSyM), 22:1, (273-296), Online publication date: 1-Feb-2023.
- Williams I, Yuan X, Anwar M and McDonald J (2022). An Automated Security Concerns Recommender Based on Use Case Specification Ontology, Automated Software Engineering, 29:2, Online publication date: 1-Nov-2022.
- Bambhore Tukaram A, Schneider S, Díaz Ferreyra N, Simhandl G, Zdun U and Scandariato R Towards a Security Benchmark for the Architectural Design of Microservice Applications Proceedings of the 17th International Conference on Availability, Reliability and Security, (1-7)
- Katsikeas S, Johnsson P, Hacks S and Lagerström R (2022). VehicleLang, Computers and Security, 117:C, Online publication date: 1-Jun-2022.
- Ferraris D, Fernandez-Gago C and Lopez J (2020). A model-driven approach to ensure trust in the IoT, Human-centric Computing and Information Sciences, 10:1, Online publication date: 14-Dec-2020.
- Zarour M, Alenezi M and Alsarayrah K Software Security Specifications and Design Proceedings of the 24th International Conference on Evaluation and Assessment in Software Engineering, (451-456)
- Peldszus S, Strüber D and Jürjens J (2020). Model-based security analysis of feature-oriented software product lines, ACM SIGPLAN Notices, 53:9, (93-106), Online publication date: 7-Apr-2020.
- El-Attar M (2019). A comparative study of students and professionals in syntactical model comprehension experiments, Software and Systems Modeling (SoSyM), 18:6, (3283-3329), Online publication date: 1-Dec-2019.
- Şentürk Ş, Yaşar H and Soğukpınar İ Model Driven Security in a Mobile Banking Application Context Proceedings of the 14th International Conference on Availability, Reliability and Security, (1-7)
- Akkiyat I and Souissi N Building a Process Meta Model Extended for Cycles Proceedings of the ArabWIC 6th Annual International Conference Research Track, (1-7)
- Pilipchuk R, Seifermann S and Heinrich R Aligning Business Process Access Control Policies with Enterprise Architecture Proceedings of the Central European Cybersecurity Conference 2018, (1-4)
- Uzunov A, Fernandez E and Falkner K (2018). Assessing and improving the quality of security methodologies for distributed systems, Journal of Software: Evolution and Process, 30:11, Online publication date: 14-Nov-2018.
- Peldszus S, Strüber D and Jürjens J Model-based security analysis of feature-oriented software product lines Proceedings of the 17th ACM SIGPLAN International Conference on Generative Programming: Concepts and Experiences, (93-106)
- do Prado R and Souza V Securing FrameWeb Proceedings of the 24th Brazilian Symposium on Multimedia and the Web, (213-220)
- Johnson P, Lagerström R and Ekstedt M A Meta Language for Threat Modeling and Attack Simulations Proceedings of the 13th International Conference on Availability, Reliability and Security, (1-8)
- Ramadan Q, Ahmadian A, Strüber D, Jürjens J and Staab S Model-based discrimination analysis Proceedings of the International Workshop on Software Fairness, (22-28)
- van den Berghe A, Yskout K and Joosen W Security patterns 2.0 Proceedings of the 1st International Workshop on Security Awareness from Design to Deployment, (45-48)
- Geismann J, Gerking C and Bodden E Towards ensuring security by design in cyber-physical systems engineering processes Proceedings of the 2018 International Conference on Software and System Process, (123-127)
- Ahmadian A, Strüber D, Riediger V and Jürjens J Supporting privacy impact assessment by model-based privacy analysis Proceedings of the 33rd Annual ACM Symposium on Applied Computing, (1467-1474)
- Ahmadian A, Jürjens J and Strüber D Extending model-based privacy analysis for the industrial data space by exploiting privacy level agreements Proceedings of the 33rd Annual ACM Symposium on Applied Computing, (1142-1149)
- Sisto R, Bettassa Copet P, Avalle M and Pironti A (2018). Formally sound implementations of security protocols with JavaSPI, Formal Aspects of Computing, 30:2, (279-317), Online publication date: 1-Mar-2018.
- Ahmadian A, Peldszus S, Ramadan Q and Jürjens J Model-based privacy and security analysis with CARiSMA Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering, (989-993)
- Van Den Berghe A, Scandariato R, Yskout K and Joosen W (2017). Design notations for secure software, Software and Systems Modeling (SoSyM), 16:3, (809-831), Online publication date: 1-Jul-2017.
- van den Berghe A, Yskout K, Joosen W and Scandariato R A model for provably secure software design Proceedings of the 5th International FME Workshop on Formal Methods in Software Engineering, (3-9)
- Sion L, Yskout K, Scandariato R and Joosen W A Modular Meta-model for Security Solutions Companion Proceedings of the 1st International Conference on the Art, Science, and Engineering of Programming, (1-5)
- Ruiz J, Arjona M, Maña A and Rudolph C (2017). Security knowledge representation artifacts for creating secure IT systems, Computers and Security, 64:C, (69-91), Online publication date: 1-Jan-2017.
- Cortés H and Navarro A MDD inclusion of navigational, structural and RBAC elements for JSF and ASP.NET MVC frameworks in UML models Proceedings of the Fourth International Conference on Technological Ecosystems for Enhancing Multiculturality, (1025-1034)
- Bernardi S, Requeno J, Joubert C and Romeu A A systematic approach for performance evaluation using process mining: the POSIDONIA operations case study Proceedings of the 2nd International Workshop on Quality-Aware DevOps, (24-29)
- Souag A, Mazo R, Salinesi C and Comyn-Wattiau I (2016). Reusable knowledge in security requirements engineering, Requirements Engineering, 21:2, (251-283), Online publication date: 1-Jun-2016.
- Chong S and Meyden R (2015). Using Architecture to Reason about Information Security, ACM Transactions on Information and System Security, 18:2, (1-30), Online publication date: 9-Dec-2015.
- Rjaibi N and Rabai L (2015). Expansion and Practical Implementation of the MFC Cybersecurity Model via a Novel Security Requirements Taxonomy, International Journal of Secure Software Engineering, 6:4, (32-51), Online publication date: 1-Oct-2015.
- El-Attar M (2015). Supporting Consistency during the Development and Evolution of Quality Unified Use-Misuse Case Models, International Journal of Secure Software Engineering, 6:4, (1-31), Online publication date: 1-Oct-2015.
- Marrone S, Rodríguez R, Nardone R, Flammini F and Vittorini V (2015). On synergies of cyber and physical security modelling in vulnerability assessment of railway systems, Computers and Electrical Engineering, 47:C, (275-285), Online publication date: 1-Oct-2015.
- El-Attar M, Luqman H, Karpati P, Sindre G and Opdahl A (2015). Extending the UML Statecharts Notation to Model Security Aspects, IEEE Transactions on Software Engineering, 41:7, (661-690), Online publication date: 1-Jul-2015.
- Ficco M, Palmieri F and Castiglione A (2015). Modeling security requirements for cloud-based systemdevelopment, Concurrency and Computation: Practice & Experience, 27:8, (2107-2124), Online publication date: 10-Jun-2015.
- Sion L, Yskout K, van den Berghe A, Scandariato R and Joosen W MASC Proceedings of the Seventh International Workshop on Modeling in Software Engineering, (36-41)
- van den Berghe A Towards a practical security analysis methodology Proceedings of the 37th International Conference on Software Engineering - Volume 2, (883-886)
- Yskout K, Scandariato R and Joosen W Do security patterns really help designers? Proceedings of the 37th International Conference on Software Engineering - Volume 1, (292-302)
- Vasilevskaya M and Nadjm-Tehrani S (2015). Support for cross-domain composition of embedded systems using MARTE models, ACM SIGBED Review, 12:1, (37-45), Online publication date: 27-Mar-2015.
- Rusinek D, Ksiezopolski B and Wierzbicki A (2015). Security trade-off and energy efficiency analysis in wireless sensor networks, International Journal of Distributed Sensor Networks, 2015, (7-7), Online publication date: 1-Jan-2015.
- Qadir J and Hasan O (2015). Applying Formal Methods to Networking: Theory, Techniques, and Applications, IEEE Communications Surveys & Tutorials, 17:1, (256-291), Online publication date: 1-Jan-2015.
- Juhola A, Ahola T and Ahola K Adaptive Risk Management with Ontology Linked Evidential Statistics and SDN Proceedings of the 2014 European Conference on Software Architecture Workshops, (1-7)
- Nguyen P, Klein J and Le Traon Y Model-Driven Security with A System of Aspect-Oriented Security Design Patterns Proceedings of the 2nd Workshop on View-Based, Aspect-Oriented and Orthographic Software Modelling, (51-54)
- Bailey C, Montrieux L, de Lemos R, Yu Y and Wermelinger M Run-time generation, transformation, and verification of access control models for self-protection Proceedings of the 9th International Symposium on Software Engineering for Adaptive and Self-Managing Systems, (135-144)
- Diaz J, Arroyo D and Rodriguez F (2014). A formal methodology for integral security design and verification of network protocols, Journal of Systems and Software, 89:C, (87-98), Online publication date: 1-Mar-2014.
- Oates R, Thom F and Herries G Security-Aware, Model-Based Systems Engineering with SysML Proceedings of the 1st International Symposium on ICS & SCADA Cyber Security Research 2013, (78-87)
- Ksiezopolski B, Rusinek D and Wierzbicki A On the efficiency modelling of cryptographic protocols by means of the quality of protection modelling language (QoP-ML) Proceedings of the 2013 international conference on Information and Communication Technology, (261-270)
- Gunawan L and Herrmann P Compositional verification of application-level security properties Proceedings of the 5th international conference on Engineering Secure Software and Systems, (75-90)
- Vasilevskaya M, Nadjm-Tehrani S, Gunawan L and Herrmann P Security asset elicitation for collaborative models Proceedings of the Workshop on Model-Driven Security, (1-6)
- Busch M, Koch N, Masi M, Pugliese R and Tiezzi F Towards model-driven development of access control policies for web applications Proceedings of the Workshop on Model-Driven Security, (1-6)
- van der Meyden R (2012). Architectural refinement and notions of intransitive noninterference, Formal Aspects of Computing, 24:4-6, (769-792), Online publication date: 1-Jul-2012.
- Gunawan L, Kraemer F and Herrmann P Behavioral singletons to consistently handle global states of security patterns Proceedings of the 12th IFIP WG 6.1 international conference on Distributed Applications and Interoperable Systems, (73-86)
- Ochoa M, Jürjens J and Cuéllar J Non-interference on UML state-charts Proceedings of the 50th international conference on Objects, Models, Components, Patterns, (219-235)
- Monakova G, Brucker A and Schaad A Security and safety of assets in business processes Proceedings of the 27th Annual ACM Symposium on Applied Computing, (1667-1673)
- Schaad A and Borozdin M TAM2 Proceedings of the 27th Annual ACM Symposium on Applied Computing, (1103-1108)
- Qamar N, Ledru Y and Idani A Validation of security-design models using Z Proceedings of the 13th international conference on Formal methods and software engineering, (259-274)
- Massacci F, Bouquet F, Fourneret E, Jurjens J, Lund M, Madelénat S, Muehlberg J, Paci F, Paul S, Piessens F, Solhaug B and Wenzel S Orchestrating security and system engineering for evolving systems Proceedings of the 4th European conference on Towards a service-based internet, (134-143)
- Alebrahim A, Hatebur D and Heisel M Towards systematic integration of quality requirements into software architecture Proceedings of the 5th European conference on Software architecture, (17-25)
- Montrieux L, Wermelinger M and Yu Y Tool support for UML-based specification and verification of role-based access control properties Proceedings of the 19th ACM SIGSOFT symposium and the 13th European conference on Foundations of software engineering, (456-459)
- Montrieux L, Wermelinger M and Yu Y Challenges in model-based evolution and merging of access control policies Proceedings of the 12th International Workshop on Principles of Software Evolution and the 7th annual ERCIM Workshop on Software Evolution, (116-120)
- Braga C (2011). A transformation contract to generate aspects from access control policies, Software and Systems Modeling (SoSyM), 10:3, (395-409), Online publication date: 1-Jul-2011.
- Islam S, Mouratidis H and Jürjens J (2011). A framework to support alignment of secure software engineering with legal regulations, Software and Systems Modeling (SoSyM), 10:3, (369-394), Online publication date: 1-Jul-2011.
- Ledru Y, Qamar N, Idani A, Richier J and Labiadh M Validation of security policies by the animation of Z specifications Proceedings of the 16th ACM symposium on Access control models and technologies, (155-164)
- Ahmed N and Matulevičius R Towards transformation guidelines from secure tropos to misuse cases (position paper) Proceedings of the 7th International Workshop on Software Engineering for Secure Systems, (36-42)
- Jürjens J Automated security hardening for evolving UML models Proceedings of the 33rd International Conference on Software Engineering, (986-988)
- Strembeck M and Mendling J (2011). Modeling process-related RBAC models with extended UML activity models, Information and Software Technology, 53:5, (456-483), Online publication date: 1-May-2011.
- Knauss E, Houmb S, Schneider K, Islam S and Jürjens J Supporting requirements engineers in recognising security issues Proceedings of the 17th international working conference on Requirements engineering: foundation for software quality, (4-18)
- Hatebur D, Heisel M, Jürjens J and Schmidt H Systematic development of UMLsec design models based on security requirements Proceedings of the 14th international conference on Fundamental approaches to software engineering: part of the joint European conferences on theory and practice of software, (232-246)
- Aldini A and Bernardo M (2011). Component-oriented verification of noninterference, Journal of Systems Architecture: the EUROMICRO Journal, 57:3, (282-293), Online publication date: 1-Mar-2011.
- Rosado D, Fernández-Medina E and López J (2011). Security services architecture for Secure Mobile Grid Systems, Journal of Systems Architecture: the EUROMICRO Journal, 57:3, (240-258), Online publication date: 1-Mar-2011.
- Heyman T, Yskout K, Scandariato R, Schmidt H and Yu Y The security twin peaks Proceedings of the Third international conference on Engineering secure software and systems, (167-180)
- Gunawan L, Kraemer F and Herrmann P A tool-supported method for the design and implementation of secure distributed applications Proceedings of the Third international conference on Engineering secure software and systems, (142-155)
- Eichler J Lightweight modeling and analysis of security concepts Proceedings of the Third international conference on Engineering secure software and systems, (128-141)
- Montrieux L, Jürjens J, Haley C, Yu Y, Schobbens P and Toussaint H Tool support for code generation from a UMLsec property Proceedings of the 25th IEEE/ACM International Conference on Automated Software Engineering, (357-358)
- Abi-Antoun M and Barnes J Analyzing security architectures Proceedings of the 25th IEEE/ACM International Conference on Automated Software Engineering, (3-12)
- Blanco C, Fernández-Medina E, Trujillo J and Jurjens J Towards the secure modelling of OLAP users behaviour Proceedings of the 7th VLDB conference on Secure data management, (101-112)
- Cheremushkin D and Lyubimov A An application of integral engineering technique to information security standards analysis and refinement Proceedings of the 3rd international conference on Security of information and networks, (12-18)
- Scandariato R, Buyens K and Joosen W Automated detection of least privilege violations in software architectures Proceedings of the 4th European conference on Software architecture, (150-165)
- Mellado D, Fernández-Medina E and Piattini M A comparison of software design security metrics Proceedings of the Fourth European Conference on Software Architecture: Companion Volume, (236-242)
- Ouedraogo M, Mouratidis H, Dubois E and Khadraoui D Information systems security criticality and assurance evaluation Proceedings of the 2010 international conference on Advances in computer science and information technology, (38-54)
- Vela B, Blanco C, Fernández-Medina E and Marcos E Model driven development of secure XML data warehouses Proceedings of the 2010 EDBT/ICDT Workshops, (1-8)
- Moebius N, Stenzel K and Reif W Formal verification of application-specific security properties in a model-driven approach Proceedings of the Second international conference on Engineering Secure Software and Systems, (166-181)
- Preda S, Cuppens-Boulahia N, Cuppens F, Garcia-Alfaro J and Toutain L Model-Driven security policy deployment Proceedings of the Second international conference on Engineering Secure Software and Systems, (123-139)
- Rosado D, Fernández-Medina E and López J Applying a UML Extension to Build Use Cases Diagrams in a Secure Mobile Grid Application Proceedings of the ER 2009 Workshops (CoMoL, ETheCoM, FP-UML, MOST-ONISW, QoIS, RIGiM, SeCoGIS) on Advances in Conceptual Modeling - Challenging Perspectives, (126-136)
- Halkidis S, Chatzigeorgiou A and Stephanides G Moving from Requirements to Design Confronting Security Issues Proceedings of the Confederated International Conferences, CoopIS, DOA, IS, and ODBASE 2009 on On the Move to Meaningful Internet Systems: Part II, (798-814)
- Lloyd J and Jürjens J Security Analysis of a Biometric Authentication System Using UMLsec and JML Proceedings of the 12th International Conference on Model Driven Engineering Languages and Systems, (77-91)
- Moebius N, Stenzel K and Reif W Generating formal specifications for security-critical applications - A model-driven approach Proceedings of the 2009 ICSE Workshop on Software Engineering for Secure Systems, (68-74)
- Buyens K, De Win B and Joosen W Resolving least privilege violations in software architectures Proceedings of the 2009 ICSE Workshop on Software Engineering for Secure Systems, (9-16)
- Asnar Y and Zannone N Perceived risk assessment Proceedings of the 4th ACM workshop on Quality of protection, (59-64)
- Yijun Yu , Jurjens J and Schreck J Tools for Traceability in Secure Software Development Proceedings of the 23rd IEEE/ACM International Conference on Automated Software Engineering, (503-504)
- Siponen M and Heikka J (2008). Do secure information system design methods provide adequate modeling support?, Information and Software Technology, 50:9-10, (1035-1053), Online publication date: 1-Aug-2008.
- Horvath V and Dörges T From security patterns to implementation using petri nets Proceedings of the fourth international workshop on Software engineering for secure systems, (17-24)
- Höhn S and Jürjens J Rubacon Proceedings of the 30th international conference on Software engineering, (875-878)
- Jürjens J, Schreck J and Bartmann P Model-based security analysis for mobile communications Proceedings of the 30th international conference on Software engineering, (683-692)
- Montangero C and Semini L (2008). Barbed Model--Driven Software Development, Electronic Notes in Theoretical Computer Science (ENTCS), 207, (171-186), Online publication date: 1-Apr-2008.
- Jürjens J, Schreck J and Yu Y Automated analysis of permission-based security using UMLsec Proceedings of the Theory and practice of software, 11th international conference on Fundamental approaches to software engineering, (292-295)
- Elahi G and Yu E A goal oriented approach for modeling and analyzing security trade-offs Proceedings of the 26th international conference on Conceptual modeling, (375-390)
- Jürjens J and Yu Y Tools for model-based security engineering Proceedings of the 22nd IEEE/ACM International Conference on Automated Software Engineering, (545-546)
- Lund M, Refsdal A and Stølen K Semantics of UML models for dynamic behavior Proceedings of the 2007 International Dagstuhl conference on Model-based engineering of embedded real-time systems, (77-103)
- Jürjens J and Shabalin P (2007). Tools for secure systems development with UML, International Journal on Software Tools for Technology Transfer (STTT), 9:5-6, (527-544), Online publication date: 1-Oct-2007.
- Breu R, Popp G and Alam M (2007). Model based development of access policies, International Journal on Software Tools for Technology Transfer (STTT), 9:5-6, (457-470), Online publication date: 1-Oct-2007.
- Haneberg D, Grandy H, Reif W and Schellhorn G Verifying smart card applications Proceedings of the 6th international conference on Integrated formal methods, (313-332)
- Best B, Jurjens J and Nuseibeh B Model-Based Security Engineering of Distributed Information Systems Using UMLsec Proceedings of the 29th international conference on Software Engineering, (581-590)
- Jurjens J Developing Secure Embedded Systems Companion to the proceedings of the 29th International Conference on Software Engineering, (182-183)
- Petriu D, Woodside C, Petriu D, Xu J, Israr T, Georg G, France R, Bieman J, Houmb S and Jürjens J Performance analysis of security aspects in UML models Proceedings of the 6th international workshop on Software and performance, (91-102)
- Hogganvik I and Stølen K A graphical approach to risk identification, motivated by empirical investigations Proceedings of the 9th international conference on Model Driven Engineering Languages and Systems, (574-588)
- Brucker A, Doser J and Wolff B A model transformation semantics and analysis methodology for SecureUML Proceedings of the 9th international conference on Model Driven Engineering Languages and Systems, (306-320)
- Hafner M, Alam M and Breu R Towards a MOF/QVT-Based domain architecture for model driven security Proceedings of the 9th international conference on Model Driven Engineering Languages and Systems, (275-290)
- Santen T Stepwise development of secure systems Proceedings of the 25th international conference on Computer Safety, Reliability, and Security, (142-155)
- Seehusen F and Stølen K Maintaining information flow security under refinement and transformation Proceedings of the 4th international conference on Formal aspects in security and trust, (143-157)
- Georg G, Houmb S and Ray I Aspect-Oriented Risk Driven Development of Secure Applications 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security on Data and Applications Security XX - Volume 4127, (282-296)
- Seehusen F and Stølen K Information flow property preserving transformation of UML interaction diagrams Proceedings of the eleventh ACM symposium on Access control models and technologies, (150-159)
- Kolarczyk S, Koch M, Löhr K and Pauls K SecTOOL Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security, (254-267)
- Mouratidis H, Jürjens J and Fox J Towards a comprehensive framework for secure systems development Proceedings of the 18th international conference on Advanced Information Systems Engineering, (48-62)
- Jürjens J and Fox J Tools for model-based security engineering Proceedings of the 28th international conference on Software engineering, (819-822)
- Mellado D, Fernández-Medina E and Piattini M A comparative study of proposals for establishing security requirements for the development of secure information systems Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part III, (1044-1053)
- Koch M and Pauls K Engineering self-protection for autonomous systems Proceedings of the 9th international conference on Fundamental Approaches to Software Engineering, (33-47)
- Jürjens J Model-based security engineering with UML Proceedings of the 4th international conference on Formal Methods for Components and Objects, (64-87)
- Jürjens J and Houmb S Dynamic secure aspect modeling with UML Proceedings of the 8th international conference on Model Driven Engineering Languages and Systems, (142-155)
- Gilmore S, Haenel V, Kloul L and Maidl M Choreographing security and performance analysis for web services Proceedings of the 2005 international conference on European Performance Engineering, and Web Services and Formal Methods, international conference on Formal Techniques for Computer Systems and Business Processes, (200-214)
- Jaferian P, Elahi G, Ayatollahzadeh Shirazi M and Sadeghian B RUPSec Proceedings of the 31st EUROMICRO Conference on Software Engineering and Advanced Applications, (232-239)
- Buchholtz M, Gilmore S, Haenel V and Montangero C End-to-end integrated security and performance analysis on the DEGAS choreographer platform Proceedings of the 2005 international conference on Formal Methods, (286-301)
- Massacci F, Prest M and Zannone N (2005). Using a security requirements engineering methodology in practice, Computer Standards & Interfaces, 27:5, (445-455), Online publication date: 1-Jun-2005.
- Giorgini P, Massacci F, Mylopoulos J and Zannone N Modeling social and individual trust in requirements engineering methodologies Proceedings of the Third international conference on Trust Management, (161-176)
- Jürjens J Sound methods and effective tools for model-based security engineering with UML Proceedings of the 27th international conference on Software engineering, (322-331)
- Spiessens F and Van Roy P A practical formal model for safety analysis in capability-based systems Proceedings of the 1st international conference on Trustworthy global computing, (248-278)
- Jürjens J and Shabalin P Tools for secure systems development with UML Proceedings of the 8th international conference, held as part of the joint European Conference on Theory and Practice of Software conference on Fundamental Approaches to Software Engineering, (305-309)
- Jürjens J and Wagner S Component-based development of dependable systems with UML Component-Based Software Development for Embedded Systems, (320-344)
- Giorgini P, Massacci F and Zannone N Security and trust requirements engineering Foundations of Security Analysis and Design III, (237-272)
- Jürjens J Model-Based security engineering with UML Foundations of Security Analysis and Design III, (42-77)
- Deubler M, Grünbauer J, Jürjens J and Wimmel G Sound development of secure service-based systems Proceedings of the 2nd international conference on Service oriented computing, (115-124)
- Jürjens J and Shabalin P Tools for critical systems development with UML (tool demo) UML Modeling Languages and Applications, (250-253)
- Avgeriou P, Guelfi N and Medvidovic N Software architecture description and UML UML Modeling Languages and Applications, (23-32)
- Avgeriou P, Guelfi N and Medvidovic N Software architecture description and UML Proceedings of the 2004 international conference on UML Modeling Languages and Applications, (23-32)
- Jürjens J and Shabalin P Tools for critical systems development with UML (tool demo) Proceedings of the 2004 international conference on UML Modeling Languages and Applications, (250-253)
- Buchholtz M, Montangero C, Perrone L and Semprini S For-LySa IST/FET International Workshop on Global Computing - Volume 3267, (93-106)
Recommendations
Tools for secure systems development with UML
For model-based development to be a success in practice, it needs to have a convincing added-value associated with its use. Our goal is to provide such added-value by developing tool-support for the analysis of UML models against difficult system ...
Development of UML Descriptions with USE
EurAsia-ICT '02: Proceedings of the First EurAsian Conference on Information and Communication TechnologyThe Object Constraint Language OCL is part of the Unified Modeling Language UML. Within software engineering, UML is regarded today as an important step towards development of high-quality object-oriented systems. OCL allows to describe system structure ...
UML for systems engineering
The paper provides an introduction to the employment of Unified Modeling Language (UML) in systems engineering. The standard being developed for this purpose is the Systems Modeling Language (SysML) specification. This paper, while not dealing with ...