SAR-SSI 2014, 9ème Conférence sur la Sécurité des Architectures Réseaux et des Systèmes d'Information, May 13-16, 2014, Saint-Germain-Au-Mont-D'Or, France
We introduce in this paper a security meta-model for our SysML-Sec framework, developed to improve the security requirements engineering process through the explicit representation of security concerns with knowledge representation techniques. This meta-model enables the specification of ontological concepts which define the semantics of the security artifacts introduced through SysML-Sec diagrams. This meta-model also enables representing the relationships that tie several such concepts together. This representation is then used for reasoning about the knowledge introduced by system designers as well as security experts through the graphical environment of the SysML-Sec framework. In addition to its documentary aspect, such a meta-model makes it possible to introduce different types of verifications of security requirements and threats, and especially consistency checks regarding the content of all diagrams. We finally present a prototype that integrates meta-model descriptions into the SysML-Sec framework and its implementation using Semantic Web technologies.
Type:
Conference
City:
Saint-Germain-Au-Mont-D'Or
Date:
2014-05-13
Department:
Digital Security
Eurecom Ref:
4261
Copyright:
© INRIA. Personal use of this material is permitted. The definitive version of this paper was published in SAR-SSI 2014, 9ème Conférence sur la Sécurité des Architectures Réseaux et des Systèmes d'Information, May 13-16, 2014, Saint-Germain-Au-Mont-D'Or, France and is available at :
See also:
