Model Driven Security Engineering

Model driven engineering (MDE) is becoming increasingly relevant in the domain of Software Engineering. This methodology strives to increase productivity by using models at suitable abstraction levels. Security of ubiquitous computers in our current and future world cannot be ensured adequately by today's techniques. To be able to build truly secure software systems, new techniques must be developed to ensure security in novel application scenarios.

The Center for Advanced Security Research Darmstadt (CASED) is a research center at the Technische Universität Darmstadt focussing on the security of IT systems. Researchers from different disciplines, international research centers, and various commercial partners cooperate to investigate and develop future-proof solutions for IT security.

Our research in this field is focussed on the development of model driven techniques for supervising and enforcing behavioral security requirements in critical systems.

Our approach is (i) to consider security requirements specifications as first class citizens in model driven system design, and (ii) to generate monitor code, as an integral part of the final software product, for supervising and enforcing these requirements. 

Completed Projects

Initially we worked on the model driven development of security monitors for supervising the interaction of components with a fixed structure.

More recent activities have focused on monitoring and verification of self-reconfiguring systems, i.e., systems whose structure changes dynamically at runtime.