학술논문

Extending the UML Statecharts Notation to Model Security Aspects
Document Type
Periodical
Source
IEEE Transactions on Software Engineering IIEEE Trans. Software Eng. Software Engineering, IEEE Transactions on. 41(7):661-690 Jul, 2015
Subject
Computing and Processing
Unified modeling language
Security
Software engineering
Object oriented modeling
Semantics
Proposals
Educational institutions
Statecharts
Security Modeling
Extended Notation
Industrial Survey
Subject-Based Experiment
Language
ISSN
0098-5589
1939-3520
2326-3881
Abstract
Model driven security has become an active area of research during the past decade. While many research works have contributed significantly to this objective by extending popular modeling notations to model security aspects, there has been little modeling support for state-based views of security issues. This paper undertakes a scientific approach to propose a new notational set that extends the UML (Unified Modeling Language) statecharts notation. An online industrial survey was conducted to measure the perceptions of the new notation with respect to its semantic transparency as well as its coverage of modeling state based security aspects. The survey results indicate that the new notation encompasses the set of semantics required in a state based security modeling language and was largely intuitive to use and understand provided very little training. A subject-based empirical evaluation using software engineering professionals was also conducted to evaluate the cognitive effectiveness of the proposed notation. The main finding was that the new notation is cognitively more effective than the original notational set of UML statecharts as it allowed the subjects to read models created using the new notation much quicker.