SecureMDD
SecureMDD is a model-driven software engineering method for developing security-critical applications based on cryptographic protocols. It integrates the generation of code and formal methods. Starting with a UML model of a system under development, we generate Java(Card) code and a formal model. The formal model is used to verify the security of the modeled system.
Security DSLs provided by the Tool
Name
Description
Use cases capture the functional and security requirements of a system. Class diagrams model the static view of an application. Sequence and activity diagrams describe the dynamic aspects of the system. Deployment diagrams define the system structure. They also describe how attackers can affect and interfere with communication between authentic components or use fake components, e.g., to attempt to pay with a forged copycard. This information is later needed for verification.
Security Checks provided by the Tool
Name
Description