Project A: UML-based security analysis for software updates on smart-cards

The goal of this project is to apply the UMLsec approach (cf. 
http://www.umlsec.de) and its associated tool-support (cf.
http://computing-research.open.ac.uk/jj2924/umlsectool )
to an industrial application scenario provided by a major
smart-card producer. The goal of the application is to allow a secure
software update of the Java-card based smart-card software. Part of 
the objectives of this project is to derive insights towards an extension 
of UMLsec for the development of long-living evolvable security-critical 
systems.


Project B: Tools for UML-based security analysis of evolving systems

The goal of this project is to extend the UMLsec approach and its
tool-support to support the aspect of evolution. The first objective
is to extend the UMLsec model to include possible future system changes
as a "first-class-citizen" within the UMLsec notation. The second objective
is to extend the current security analysis tool support available for UMLsec
(implemented in Java) to deal with the extension of the notation. The goal 
is to be able to analyse  models against variations and changes in the 
security requirements, environment assumptions, and threat scenarios which 
are currently analyzed in the UMLsec tools.


Project C: Security monitor generation

A possible conclusion of the security analysis for evolving systems may of 
course be that the system will not be secure in a certain combination of changes 
in requirements, assumptions, and scenarios. To deal with this problem,
the goal of this project is to develop and approach and associated prototypical
tool-support for generating security monitors from the design models
which monitor at run-time whether a security property has been
violated (e.g. because of the system evolution) and will raise an
alarm (as an extension of the existing UMLsec tool support, which is
implemented in Java).