Model Transformation and Code Generation Using a Secure Business Process Model

Abstract

Abstract Worldwide, new devices in every sphere of the walk are emerging daily, and a more significant percentage of them are software-driven. Consequently, the software development process is prone to errors, bugs, and frequent changes to the requirements and the software leading to abnormal deviation in time to deliver. Another aspect being considered is the security of the software at the time of (Software Development Life Cycle) SDLC. As a part of secure software engineering, the model transformation involves the information security aspects in the early phases of SDLC. Hence, Automation of the software development process, though not entirely, is inevitable. In this research, platform-independent models are generated with security attributes such as Integrity, Privacy, Security Audit, non-repudiation, and authentication. A template-based source code generator is used to produce the structure of the source model. The Secure Business Process Model (SBPM) has a set of Unified Modeling Language (UML) artifacts such as analysis level classes and sequence diagrams with security attributes by taking the activity model as a source. Security requirements are associated with elements extracted from the source model. Structural codes for the source model with security-enabled members are generated.