Using AADL to Assess Architectural Concerns for Cyber Security
Technical Paper
2023-01-0998
ISSN: 0148-7191, e-ISSN: 2688-3627
Event:
2023 AeroTech
Language:
English
Abstract
We describe how we apply the SAE AS 5506 Architecture and Analysis Design
Language (AADL) [4] to reason about contextual and architectural concerns for
cyber security. A system’s cyber
security certification requires verification that the system’s cyber security
mechanisms are correct, non-bypassable, and tamper-resistant. We can verify
correctness by examining the mechanism itself, but verifying the other qualities
requires us to examine the context in which that mechanism resides.
Understanding that context and validating the system’s evolving design against
that context is an objective for the Architecture Centric Virtual Integration
Process (ACVIP), an AADL-based approach to model and detect system design
defects before they become too costly to fix. We describe our work to apply AADL
to assess non-bypassability and tamper-resistance. The results of our research -
tool plugins for cyber security architectural validation - support system
developers today in their ACVIP activities.
Citation
Payne, C., Shackleton, H., Schwerdfeger, A., Shackleton, J. et al., "Using AADL to Assess Architectural Concerns for Cyber Security," SAE Technical Paper 2023-01-0998, 2023, https://doi.org/10.4271/2023-01-0998.
References
- National Institute of Standards and Technology 2013
- Boebert, W.E. and Kain, R.Y., "A Practical Alternative to Hierarchical Integrity Policies," 8th National Computer Security Conference, 1985
- Boydston, A.K., Feiler, P.H., Vestal, S., and Lewis, B., "Architecture Centric Virtual Integration Process (ACVIP): A Key Component for the DoD Digital Engineering Strategy," 22nd Annual Systems and Mission Engineering Conference, 2019, https://www.adventiumlabs.com/publication/architecture-centric-virtual-integration-process-acvip-key-component-dod-digital
- Society of Automotive Engineers 2017
- Boettcher, C., DeLong, R., Rushby, J., and Sifre, W., "The MILS Component Integration Approach to Secure Information Sharing," IEEE/AIAA Digital Avionics Systems Conference, 2008
- National Institute of Standards and Technology 2010
- Defense Information Systems Agency 2014 http://disa.mil/connect