Developing secure embedded systems: Pitfalls and how to avoid them.
In: 29th International Conference on Software Engineering (ICSE 2007), 20-26 May 2007, Minneapolis, MN.
We give an overview over the challenges in developing secure embedded systems and show how to use the approach of Model-based Security Engineering (MBSE) to address them. In MBSE [Jür04, Jür05a, Jür05b, Jür06, BJN07], recurring security requirements (such as secrecy, integrity, authenticity and others) and security assumptions on the system environment, can be specified either within a UML specification, or within the source code (Java or C) as annotations. The associated tools [UML04] (Fig. 1b) generate logical formulas formalizing the execution semantics and the annotated security requirements.
Actions (login may be required)