March 4, 2008
Manuel Clavel
In this talk we will report on our experience on using the so-called model-driven security approach in an MDA industrial project. In model-driven security, designers specify system models along with their security requirements and use tools to automatically generate system architectures from the models. During the talk, we will discuss the languages that we used to model both the functional and the security system’s requirements, and we will describe the transformation function that we developed to build from the security-design models the system’s access control infrastructure.
The talk will conclude with the lessons that we learned about the feasibility and practical industrial relevance of the model-driven security approach, and about the opportunities/challenges that it offers/presents for the application of formal methods in industrial projects.