System Security Engineering Assistant

S2 Engineering Assistant (S2EA) is a modelling tool that supports system engineers in adopting and deploying security mechanisms proactively, by design. S2EA follows a UML model-based paradigm and establishes a controlled and supervised modelling framework that helps system engineers create their system architectures and integrate appropriate security mechanisms into them while preserving design integrity.

The S2EA does this on the basis of engineering artefacts that capture expert knowledge and make it available to system engineers. These artefacts contain ready-to-integrate security solutions and provide a safe way to integrate them by means of a rigorous collection of validation and verification rules for model checking. In this way, S2EA allows users to select and integrate the design decisions best suited to their security requirements.

The S2EA has been created as a plugin for MagicDraw, extending its capabilities with the actions and features required by our Security Engineering Process. The plugin adds new functionality for creating, modifying, importing and storing S2EA artefacts and for facilitating their use. The tool supports the three-layer metamodelling approach of our security methodology.

This process begins at an abstract level; through several transformations, the model is converted into a more specific software architecture that is closer to the developers' parameters and specifications. To accomplish this, the S2EA uses the security knowledge gathered and expressed by security experts to fulfil the security requirements.

The S2EA provides different functionality for the different user profiles involved in the Security Engineering Process, adapting the modelling framework to the responsibilities of each role. Depending on the user's role and privileges, the S2EA allows them to access, produce or administer the security artefacts required in the intermediate stages of the security methodology. Moreover, every artefact involved must be validated before it is used or stored in the S2EA knowledge repositories; this is enforced by an automatic, rigorous OCL verification and validation system that runs throughout the entire modelling process.

The security artefacts correspond to the three layers of the Security Engineering Process architecture, and they are:

  • The Core Security Metamodel (CSM), which defines the common language used in the modelling framework.
  • The Domain Security Metamodel (DSM), which represents security knowledge for a specific domain using the CSM as its basis.
  • The Security Patterns (SFPs) and the Security Building Blocks (SBBs), which are both used to express the functional behaviour of the solutions, to provide realizations, to express the interaction between components and to deploy software implementations. They are included in the DSM as part of the mechanisms that address the security requirements.

Finally, the S2EA allows System Engineers to import DSMs and use the collected security knowledge to improve their system models, addressing the risks discovered in the security analysis. Supported by the S2EA, users can deploy all the solution mechanisms included in the artefacts described above, meeting all the security requirements and enhancing the design of the system.

The S2EA plugin is currently in a refinement stage, and a new development branch has been started to integrate the S2EA functionality into the Eclipse Modeling Framework as a plugin for Eclipse Papyrus. We will continue adding new functionality, improvements and bug fixes in future releases.

The tool is currently offered as a service and is therefore operated by our team of experts. We are currently preparing two commercial user-oriented versions based on MagicDraw™ and Eclipse respectively.

Video demonstrations of the use of the tool in different settings can be found on the SSPID Videos page.