Itesys - Home
Security Engineering using Problem Frames

This article presents a method for security engineering, which is based on two special kinds of problem frames that serve to structure, characterize, analyze, and finally solve software development problems in the area of software and system security. Both kinds of problem frames constitute patterns for representing security problems, variants of which occur frequently in practice. We present security problem frames, which are instantiated in the initial step of our method. They explicitly distinguish security problems from their solutions. To prepare the solution of the security problems in the next step, the article employs concretized security problem frames capturing known approaches to achieve security. Finally, the last step of described method results in a specification of the system to be implemented given by concrete security mechanisms and instantiated generic sequence diagrams. The article illustrates the approach by the example of a secure remote display system.
zum Artikel
Composing architectures based on architectural patterns for problem frames

The use of patterns is a promising way of developing high-quality software in a systematic way. Patterns can be used in different phases of the software lifecycle. Problem frames are patterns for representing simple software development problems, and architectural patterns are patterns for representing the coarse-grained structure of a piece of software. In a recent paper, we have defined architectural patterns corresponding to Jackson’s problem frames. To make use of problem frames, complex problems have to be decomposed into simple ones. The corresponding architectural patterns then provide solution structures for these simple problems. Now the question arises how to combine the solutions structures of the simple subproblems to obtain a solution structure for the complex problem. The present paper addresses this question. Different subproblems of a complex problem can be related in various ways. They can be independent of each other, they can exclude each other, or they may have to be solved in a specific order. Such information can be used to combine the solutions structures of the subproblem to a solution structure of the overall problem. In this paper, we present a pattern-based software development process using problem frames and the corresponding architectural patterns. In decomposing a complex problem into simple subproblems, the relationships between the subproblems are recorded explicitly. Based on this information, we give guidelines how to derive the software architecture for the overall problem from the software architectures of the simple subproblems.
zum Artikel
Die Bluetooth-Portierung
Drahtgebundene Anschlüsse an lokalen Komponenten eines verteilten MSR-Systems sind nicht unproblematisch – oft sind diese Schnittstellen nur schwer zugänglich. Mobile Wartungseinheiten mit „Air-Interfaces“ können hier Abhilfe schaffen.Welcher Aufwand hinter einer solchen Lösung steckt, zeigt folgende Fallstudie einer Bluetooth-Anbindung.
zum Artikel