Model-driven architecture based security analysis
Systems Engineering ( IF 1.6 ) Pub Date : 2021-05-21 , DOI: 10.1002/sys.21581
Saoussen Mili, Nga Nguyen, Rachid Chelouah

This paper proposes a Model-Driven Architecture approach for the development of an embedded-system validation platform, Model-Based Security Analysis for Embedded Systems (MBSAES). Security properties are formally modeled and verified at an early stage of the system design process, which helps to reduce late-stage errors and development time. The attack scenarios and the system design are kept separate from the implementation details. To transform semi-formal SysML models into input for the NuSMV model checker, two horizontal, exogenous Model-to-Text transformations have been implemented. The first uses a programmatic approach in Java to create a Computation Tree Logic (CTL) specification from an Extended Attack Tree, whereas the second uses a template approach with Acceleo to generate NuSMV code from SysML structural and behavioral models. The approach is illustrated with a case study of attacks that aim to unlock a car door system via signal jamming and code replay. The results of this research contribute to the automatic validation of system designs against security vulnerabilities via a database of extended attack trees built from existing atomic attacks.
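The first transformation (attack tree to CTL) is easy to make concrete. The following is an added example and is not the MBSAES Java transformation from the paper: the abstract does not specify the Extended Attack Tree format or the CTL encoding, so this code assumes a plain AND/OR tree over atomic attacks, maps every atomic attack to a boolean variable of the NuSMV model that the SysML design would be translated into, and generates the safety property `AG !goal` (the attack goal is never reached). The car-door tree at the bottom is a constructed illustration of the case study; the attack names are assumed.

```python
"""Attack tree -> CTL specification generator (added example, not the paper's MBSAES code).

Assumed tree format: AND/OR gates over atomic attacks. Each atomic attack is a
boolean variable that the NuSMV system model (generated from SysML) sets to TRUE
when that step succeeds, so the tree becomes a propositional formula and the
security property is a CTL safety formula over it.
"""
from __future__ import annotations

from dataclasses import dataclass
from typing import List, Union


@dataclass(frozen=True)
class Atomic:
    """Leaf: an atomic attack; `name` is the NuSMV boolean that is TRUE once it succeeds."""
    name: str


@dataclass(frozen=True)
class Gate:
    """Inner node: a goal refined into sub-goals joined by AND (all needed) or OR (any suffices)."""
    op: str          # "AND" or "OR"
    children: tuple  # child nodes (Atomic or Gate)


Node = Union[Atomic, Gate]


def to_ctl(node: Node) -> str:
    """Propositional encoding of the tree: leaves become variables, gates become & / |."""
    if isinstance(node, Atomic):
        return node.name
    if node.op not in ("AND", "OR"):
        raise ValueError(f"unsupported gate {node.op!r}")
    if not node.children:
        raise ValueError("gate without children")
    if len(node.children) == 1:          # degenerate gate: no operator needed
        return to_ctl(node.children[0])
    joiner = " & " if node.op == "AND" else " | "
    return "(" + joiner.join(to_ctl(c) for c in node.children) + ")"


def safety_spec(root: Node) -> str:
    """CTL property the design must satisfy: on every path, in every state, the goal
    is not achieved. NuSMV answers FALSE and prints a counterexample trace (the
    attack scenario) when the system model lets all required steps succeed."""
    return f"SPEC AG !{to_ctl(root)}"


def atomic_attacks(root: Node) -> List[str]:
    """Unique atomic attacks referenced by the tree, in first-seen order; these are
    the entries an attack-tree database would be assembled from."""
    if isinstance(root, Atomic):
        return [root.name]
    seen: List[str] = []
    for child in root.children:
        for name in atomic_attacks(child):
            if name not in seen:
                seen.append(name)
    return seen


def attacker_vars(root: Node) -> str:
    """NuSMV VAR block declaring one boolean per atomic attack. On its own these
    variables are unconstrained, so AG !goal would be trivially FALSE; it is the
    SysML-derived system model (e.g. rolling-code acceptance logic) that has to
    restrict when each of them can become TRUE."""
    lines = ["VAR"] + [f"  {name} : boolean;" for name in atomic_attacks(root)]
    return "\n".join(lines)


# Constructed illustration of the paper's case study (names assumed): unlocking the
# door requires jamming the legitimate signal, capturing the code, and replaying it.
UNLOCK_DOOR = Gate("AND", (Atomic("jam_signal"), Atomic("capture_code"), Atomic("replay_code")))


if __name__ == "__main__":
    print(attacker_vars(UNLOCK_DOOR))
    print(safety_spec(UNLOCK_DOOR))
```

The generated `SPEC` line is appended to the NuSMV module produced from the SysML model; if NuSMV reports the property false, the counterexample is the concrete sequence of steps that reaches the root goal, which is the output a designer needs to fix the model early.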

Updated: 2021-05-21