Affiliation:
1. University of Luxembourg, Luxembourg
Abstract
The quality of software systems depends strongly on their architecture. For this reason, taking non-functional requirements into account at the architecture level is crucial for the success of the software development process. Early validation of the architecture model facilitates the detection and correction of design errors. In this research, the authors are interested in security-critical systems, which require a reliable validation process. So far, there is a lack of security-testing approaches that provide an appropriate compromise between software quality and development cost while satisfying the requirements of certification and audit procedures through automated and documented validation activities. In this chapter, the authors propose a novel test-driven and architecture model-based security engineering approach for resilient systems. It consists of a test-driven security modeling framework and a test-based validation approach. The assessment of whether the security requirements are satisfied is based on the analysis of test traces. Throughout this study, the authors illustrate the approach using a client-server architecture case study.