Model-based security analysis of feature-oriented software product lines

Published: 07 April 2020

Abstract

Today's software systems are too complex to ensure security after the fact – security has to be built into systems by design. To this end, model-based techniques such as UMLsec support the design-time specification and analysis of security requirements by providing custom model annotations and checks. Yet, a particularly challenging type of complexity arises from the variability of software product lines. Analyzing the security of all products separately is generally infeasible. In this work, we propose SecPL, a methodology for ensuring security in a software product line. SecPL allows developers to annotate the system design model with product-line variability and security requirements. To keep the exponentially large configuration space tractable during security checks, SecPL provides a family-based security analysis. In our experiments, this analysis outperforms the naive strategy of checking all products individually. Finally, we present the results of a user study that indicates the usability of our overall methodology.
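The abstract contrasts the naive strategy (check every product separately) with a family-based analysis (one check over the whole configuration space). The following is an added illustration of that contrast, not SecPL's or CARiSMA's code: it uses a constructed, hypothetical product line (features Base, RemoteAccess, Encryption, Statistics), design-model links annotated with presence conditions, a UMLsec-style secrecy requirement ("a link carrying secret data must be encrypted"), and a small splitting SAT procedure so that the family-based check is a single satisfiability question rather than an enumeration.

```python
from functools import reduce
from itertools import product as cartesian

# A formula is True/False, a feature name (str), or a tuple
# ("not", f) / ("and", f, g) / ("or", f, g).
def Not(f): return ("not", f)
def And(a, b): return ("and", a, b)
def Or(a, b): return ("or", a, b)
def Implies(a, b): return Or(Not(a), b)
def all_of(fs): return reduce(And, fs, True)
def any_of(fs): return reduce(Or, fs, False)

def substitute(f, var, value):
    """Replace feature `var` by the constant `value` and simplify constants away."""
    if isinstance(f, bool):
        return f
    if isinstance(f, str):
        return value if f == var else f
    op = f[0]
    if op == "not":
        x = substitute(f[1], var, value)
        return (not x) if isinstance(x, bool) else ("not", x)
    a, b = substitute(f[1], var, value), substitute(f[2], var, value)
    if op == "and":
        if a is False or b is False: return False
        if a is True: return b
        if b is True: return a
        return ("and", a, b)
    if op == "or":
        if a is True or b is True: return True
        if a is False: return b
        if b is False: return a
        return ("or", a, b)
    raise ValueError(op)

def variables(f, acc=None):
    """Set of feature names occurring in the formula."""
    acc = set() if acc is None else acc
    if isinstance(f, str):
        acc.add(f)
    elif isinstance(f, tuple):
        for sub in f[1:]:
            variables(sub, acc)
    return acc

def evaluate(f, config):
    """Evaluate a formula under a complete configuration (dict feature -> bool)."""
    for var, value in config.items():
        f = substitute(f, var, value)
    return f

def solve(f, assignment=None):
    """Splitting-based SAT: returns a satisfying (possibly partial) assignment or None.
    Features not mentioned by the simplified formula are don't-cares."""
    assignment = {} if assignment is None else assignment
    if f is True: return assignment
    if f is False: return None
    var = sorted(variables(f))[0]
    for value in (True, False):
        model = solve(substitute(f, var, value), {**assignment, var: value})
        if model is not None:
            return model
    return None

# ---- constructed product line (hypothetical, not from the paper) -------------
FEATURES = ["Base", "RemoteAccess", "Encryption", "Statistics"]
# Base is mandatory; Encryption only makes sense when RemoteAccess is selected.
FEATURE_MODEL = And("Base", Implies("Encryption", "RemoteAccess"))

# Design-model links with presence conditions. "secret" marks a UMLsec-style
# secrecy requirement on the data flowing over the link; "encrypted" is the
# presence condition under which the link is actually protected.
LINKS = [
    {"name": "client->server", "present": "RemoteAccess", "secret": True, "encrypted": "Encryption"},
    {"name": "app->stats", "present": "Statistics", "secret": False, "encrypted": False},
    {"name": "ui->core", "present": "Base", "secret": True, "encrypted": True},
]

def link_violation(link):
    """Presence condition under which this link violates the secrecy requirement."""
    if not link["secret"]:
        return False
    return And(link["present"], Not(link["encrypted"]))

def product_based_check():
    """Naive strategy: derive every valid product and run the check on each."""
    checked, insecure = 0, []
    for values in cartesian([False, True], repeat=len(FEATURES)):
        config = dict(zip(FEATURES, values))
        if not evaluate(FEATURE_MODEL, config):
            continue  # not a valid product of the feature model
        checked += 1
        if any(evaluate(link_violation(link), config) for link in LINKS):
            insecure.append(config)
    return {"products_checked": checked, "insecure_products": insecure}

def family_based_check():
    """Family-based strategy: one SAT query 'is there a valid product with a violation?'"""
    violation = And(FEATURE_MODEL, any_of(link_violation(link) for link in LINKS))
    return {"solver_calls": 1, "witness": solve(violation)}

if __name__ == "__main__":
    print(product_based_check())
    print(family_based_check())
```

Both strategies agree on the verdict: the product-based run derives the six valid products and flags the two in which RemoteAccess is selected without Encryption, while the family-based run answers the same question with a single solver call and returns one such configuration as a witness. The gap grows exponentially with the number of features, which is the tractability argument the abstract makes.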



Published in

ACM SIGPLAN Notices, Volume 53, Issue 9 (GPCE '18), September 2018, 214 pages
ISSN: 0362-1340, EISSN: 1558-1160, DOI: 10.1145/3393934

GPCE 2018: Proceedings of the 17th ACM SIGPLAN International Conference on Generative Programming: Concepts and Experiences, November 2018, 214 pages
ISBN: 9781450360456, DOI: 10.1145/3278122

Copyright © 2018 ACM

Publisher: Association for Computing Machinery, New York, NY, United States
