A model-driven and generative approach to holistic security

Abstract

Functional and technical cyber-resilience gain increasing relevance for the health and integrity of connected and interoperating systems. In this chapter we demonstrate the power and flexibility of extreme model-driven design to provide holistic security to security-agnostic applications. Using C-IME, our integrated modelling environment for C/C++, we show how easily a modelled application can be enhanced with hardware security features fully automatically during code generation. We illustrate how to use this approach and design environment to make any modelled application ready to securely store its data in potentially insecure environments. The same approach can be used to secure communication over potentially insecure channels. In fact, our approach does not require any changes of the application model. Rather, our integrated modelling environment provides a dedicated modelling language for code generators which resorts to a Domain Specific Language for security. It is realized as a palette of security primitives whose implementation is based on underlying hardware security technology. The code generator injects security appropriately into the models of the applications under development. We illustrate the use of this security-injecting code generator on the case study of a to-do list management application. The code generator is generic and can be used to secure the file handling of any application modelled in the C-IME.