Publication Details

Modeling the Trade-off Between Security and Performance to Support the Product Life Cycle

FUJDIAK Radek, BLAŽEK Petr, APVRILLE Ludovic, MARTINÁSEK Zdeněk, MLÝNEK Petr, PACALET Redaud, SMÉKAL David, MRNUŠTÍK Pavel, BARABAS Maroš and ZOOR Maysam. Modeling the Trade-off Between Security and Performance to Support the Product Life Cycle. In: Mediterranean Conference on Embedded Computing. New York: Institute of Electrical and Electronics Engineers, 2019, pp. 92-97. ISBN 978-1-7281-1739-3. Available from: https://ieeexplore.ieee.org/document/8760043
Czech title
Bezpečnost a výkon při modelování Trade-off v životním cyklu produktu
Type
conference paper
Language
english
Authors
Fujdiak Radek, doc. Ing., Ph.D. (FEEC BUT)
Blažek Petr, Ing. (FEEC BUT)
Apvrille Ludovic (TELE-PARIS)
Martinásek Zdeněk, doc. Ing., Ph.D. (FEEC BUT)
Mlýnek Petr, doc. Ing., Ph.D. (FEEC BUT)
Pacalet Redaud (TELE-PARIS)
Smékal David, Ing. (FEEC BUT)
Mrnuštík Pavel (TrustPort)
Barabas Maroš, Ing., Ph.D. (DITS FIT BUT)
Zoor Maysam (TELE-PARIS)
URL
Keywords

Security , Safety , Tools , Software , Unified modeling language , Standards , Best practices

Abstract

Nowadays, the development of products for modern cyber-physical systems consists of many stages defined by the product life cycle (PLC). However, many manufacturers are not paying full attention - if any at all - to each PLC stage. This, among others, is causing growth of development costs. Therefore, the first stage of PLC becomes crucial. Moreover, a significant part of the development costs might be saved via testing the required parameters in this early stage, e.g., via modeling tools, simulation tools or emulators. Considering among others the current cyber-warfare and everyday growing number of threats, security is becoming one of the most critical topics in PLC. However, the security aspects come with significant trade-offs with performance. This paper focuses on methodology for dealing with these trade-offs via simulation in the early stage of PLC, where basic requirements are settled. To establish security requirements, an extensive Secure Software Development Life Cycle catalog is used together with an advanced modeling framework TTool based on UML/SysML-Sec for performance trade-off analysis. This combination creates a powerful approach for establishing the balance between security and performance requirements. As an example, a particular security requirement is selected. Namely, confidentiality, fulfilled by the encryption algorithm AES. This introduces the methodology and approach to the co-engineering issue in the PLC stages, where two different development teams with also different goals (security, performance) are dealing together with the single combined issue. Our results should help to understand the importance of the early PLC stage and show one possible approach on how to deal with these issues.

Published
2019
Pages
92-97
Proceedings
Mediterranean Conference on Embedded Computing
Conference
2019 Mediterranean Embedded Computing Resources, Budva, ME
ISBN
978-1-7281-1739-3
Publisher
Institute of Electrical and Electronics Engineers
Place
New York, US
DOI
UT WoS
000492146100031
EID Scopus
BibTeX
@INPROCEEDINGS{FITPUB12237,
   author = "Radek Fujdiak and Petr Bla\v{z}ek and Ludovic Apvrille and Zden\v{e}k Martin\'{a}sek and Petr Ml\'{y}nek and Redaud Pacalet and David Sm\'{e}kal and Pavel Mrnu\v{s}t\'{i}k and Maro\v{s} Barabas and Maysam Zoor",
   title = "Modeling the Trade-off Between Security and Performance to Support the Product Life Cycle",
   pages = "92--97",
   booktitle = "Mediterranean Conference on Embedded Computing",
   year = 2019,
   location = "New York, US",
   publisher = "Institute of Electrical and Electronics Engineers",
   ISBN = "978-1-7281-1739-3",
   doi = "10.1109/MECO.2019.876004",
   language = "english",
   url = "https://www.fit.vut.cz/research/publication/12237"
}
Back to top