Tut8: Safe and Secure Systems Development with UML: Methods and Tools
Room: Guillaumet 2
Presenter:
Jan Jurjens, T. U. Munich, Germany
Abstract
The high-quality development of critical systems (be they dependable, security-critical, real-time, or performance-critical systems) is difficult. Many critical systems are developed, deployed, and used that do not satisfy their criticality requirements, sometimes with spectacular failures. Part of the difficulty of critical systems development is that correctness is often in conflict with cost. Where thorough methods of system design impose high costs through personnel training and use, they are all too often avoided. UML offers an unprecedented opportunity for high-quality critical systems development that is feasible in an industrial context, because a large number of developers are trained in UML, UML is relatively precisely defined, and a number of tools have been developed to assist its use. The tutorial aims to give background knowledge on using UML for critical systems development and to contribute to overcoming some challenges in this context, including:
- Adaptation to critical system application domains.
- Providing advanced tool support for critical systems development with UML.
It includes a demo of a tool supporting critical systems analysis with UML.
The tutorial presents the current academic research and industrial best practice by addressing the following eight main subtopics:
- UML basics, including extension mechanisms
- Applications of UML to
  - dependable systems
  - security-critical systems
- Extensions of UML (UMLsec, UMLsafe, ...)
- Using UML as a formal design technique for the development of critical systems
- Critical systems development methods
- Modeling, synthesis, code generation, testing, validation, and verification of critical systems using UML, in particular:
  - Using the standard model interchange formats (XMI) for tool integration and to connect to validation engines
  - Existing tools
- Case studies
- Interactive tool demo
As example application domains, we focus on safety- and security-critical systems.
Presenter
Jan Jurjens is a researcher at TU Munich (Germany). He leads the Competence Center for IT Security at the Software & Systems Engineering group. He authored "Secure Systems Development with UML" (Springer-Verlag, published May 2004). He has more than 30 papers, several invited papers, and 20 tutorials in international refereed journals and conferences. Jan Jurjens is the initiator and current chair of the working group on Formal Methods and Software Engineering for Safety and Security (FoMSESS) within the German Computer Society (GI). He is a member of:
- IFIP Working Group 1.7 "Theoretical Foundations of Security Analysis and Design"
- the executive board of the Division of Safety and Security within GI
- the technical committee on Modeling of the GI
- the advisory board of the Bavarian Competence Center for Safety and Security
- the working group on e-Security of the Bavarian regional government

Previous academic stations: Univ. of Bremen, Univ. of Cambridge, Univ. of Edinburgh (LFCS), Bell Labs / Lucent Technology (Palo Alto), Univ. of Oxford.