This content is not included in
your SAE MOBILUS subscription, or you are not logged in.
Using AADL to Assess Architectural Concerns for Cyber Security
Journal Article
2023-01-0998
ISSN: 2641-9637, e-ISSN: 2641-9645
Sector:
Topic:
Event:
2023 AeroTech
Citation:
Payne, C., Shackleton, H., Schwerdfeger, A., Shackleton, J. et al., "Using AADL to Assess Architectural Concerns for Cyber Security," SAE Int. J. Adv. & Curr. Prac. in Mobility 5(5):1875-1884, 2023, https://doi.org/10.4271/2023-01-0998.
Language:
English
Abstract:
We describe how we apply the SAE AS 5506 Architecture and Analysis Design Language (AADL) [4] to reason about contextual and architectural concerns for cyber security. A system’s cyber security certification requires verification that the system’s cyber security mechanisms are correct, non-bypassable, and tamper-resistant. We can verify correctness by examining the mechanism itself, but verifying the other qualities requires us to examine the context in which that mechanism resides. Understanding that context and validating the system’s evolving design against that context is an objective for the Architecture Centric Virtual Integration Process (ACVIP), an AADL-based approach to model and detect system design defects before they become too costly to fix. We describe our work to apply AADL to assess non-bypassability and tamper-resistance. The results of our research - tool plugins for cyber security architectural validation - support system developers today in their ACVIP activities.