Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Published January 19, 2016 | Version v1
Conference paper Open

An Architecture-Centric Process for MILS Development

  • 1. Carnegie Mellon Software Engineering Institute

Description

Safety-critical embedded systems are now software-reliant and evolving at an incredible pace. With the emerging Internet of Things (IoT) ecosystem, these systems are now interconnected to several networks and exposed to potential attackers. This increases the potential surface of attack and, ultimately, the likelihood of a successful attack that would penetrate the system. Until recently, many security efforts were focused on code analysis, but studies have shown that security is also a matter of good software architecture design and practices. For example, MILS requires isolating security domains in partitions using appropriate security components. However, because embedded systems are evolving quickly, new design methods are now required to overcome the challenges of developing them.

In this paper, we introduce a research agenda for a new architecturecentric development approach forMILS systems. This would leverage architecture models and augment them with security information in order to perform the different activities of the development process, including security policy validation, implementation, and testing. Using the same model throughout development improves the consistency of the development process by avoiding any translation between different—and potentially inconsistent—representations. In addition, automating the generation of implementation and tests avoids the traditional mistakes of manual code production, such as bugs and developers’ assumptions about ambiguous requirements.

Files

05-final-mils-paper-JulienDelange.pdf

Files (249.0 kB)

Name Size Download all
md5:6a35ddf5daf6608e9f5b04dd2b20eddc
249.0 kB Preview Download