This content is not included in your SAE MOBILUS subscription, or you are not logged in.
Using AADL to Assess Architectural Concerns for Cyber Security
ISSN: 0148-7191, e-ISSN: 2688-3627
Published March 07, 2023 by SAE International in United States
Annotation ability available
Event: 2023 AeroTech
We describe how we apply the SAE AS 5506 Architecture and Analysis Design Language (AADL)  to reason about contextual and architectural concerns for cyber security. A system’s cyber security certification requires verification that the system’s cyber security mechanisms are correct, non-bypassable, and tamper-resistant. We can verify correctness by examining the mechanism itself, but verifying the other qualities requires us to examine the context in which that mechanism resides. Understanding that context and validating the system’s evolving design against that context is an objective for the Architecture Centric Virtual Integration Process (ACVIP), an AADL-based approach to model and detect system design defects before they become too costly to fix. We describe our work to apply AADL to assess non-bypassability and tamper-resistance. The results of our research - tool plugins for cyber security architectural validation - support system developers today in their ACVIP activities.
CitationPayne, C., Shackleton, H., Schwerdfeger, A., Shackleton, J. et al., "Using AADL to Assess Architectural Concerns for Cyber Security," SAE Technical Paper 2023-01-0998, 2023, https://doi.org/10.4271/2023-01-0998.
- National Institute of Standards and Technology 2013
- Boebert , W.E. , and Kain , R.Y. A Practical Alternative to Hierarchical Integrity Policies 8th National Computer Security Conference 1985
- Boydston , A.K. , Feiler , P.H. , Vestal , S. , and Lewis , B. Architecture Centric Virtual Integration Process (ACVIP): A Key Component for the DoD Digital Engineering Strategy 22nd Annual Systems and Mission Engineering Conference 2019 https://www.adventiumlabs.com/publication/architecture-centric-virtual-integration-process-acvip-key-component-dod-digital
- Society of Automotive Engineers 2017
- Boettcher , C. , DeLong , R. , Rushby , J. Sifre , W. The MILS Component Integration Approach to Secure Information Sharing IEEE/AIAA Digital Avionics Systems Conference 2008
- National Institute of Standards and Technology 2010
- Defense Information Systems Agency 2014 http://disa.mil/connect