Tools for model-based security engineering

Jan Jürjens, Jorge Fox
2006 Proceeding of the 28th international conference on Software engineering - ICSE '06  
We present tool-support for checking UML models and C code against security requirements. A framework supports implementing verification routines, based on XMI output of the diagrams from UML CASE tools, and on control flow generated from the C code. The tool also supports weaving security aspects into the code generated from the models. Advanced users can use this open-source framework to implement verification routines for the constraints of selfdefined security requirements. We focus on a
more » ... ification routine that automatically verifies crypto-based software for security requirements by using automated theorem provers.
doi:10.1145/1134285.1134423 dblp:conf/icse/JurjensF06 fatcat:amyu7yvrjvg4bgin5atfaidcce