CN106529302A - MDA and UML extension based software development method - Google Patents
MDA and UML extension based software development method Download PDFInfo
- Publication number
- CN106529302A CN106529302A CN201610937667.3A CN201610937667A CN106529302A CN 106529302 A CN106529302 A CN 106529302A CN 201610937667 A CN201610937667 A CN 201610937667A CN 106529302 A CN106529302 A CN 106529302A
- Authority
- CN
- China
- Prior art keywords
- security
- mda
- model
- uml
- software development
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/033—Test or assess software
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses an MDA and UML extension based software development method. The MDA and UML extension based software development method comprises a first step of building an MDA model conversion chain, including, a CIM model, a PIM model, a PSM model and codes; and a second step of building a security analysis model, to be specific, analyzing the security of a system to obtain description of security characteristics and generating a security characteristic explanation document of the system, wherein the security characteristics comprise a performance description characteristic and a function description characteristic. Through UML sec extension, common security demands such as confidentiality, integrity and authenticity can be provided in a form of standard elements. Whether the system meets related security demands can be determined through the built security analysis model; and the security of codes can also be verified through testing sequences generated in the model.
Description
Technical field
The invention belongs to technical field of software development, more particularly to a kind of software development side based on MDA and UML extensions
Method.
Background technology
Ever-increasing network Complex Parts and uneasy total event and internetwork connection so that computer information system is more next
It is easily under attack, threaten people and each institutional interests.Traditional method for ensuring information security is " infiltration and benefit
Fourth ", you can have defect to receive system, is deleted or is repaired once find to spring a leak the infiltration of system or identification.
But the method is unsatisfactory, inherently there is security threat in external enwergy to patch, and often just have resulted in before leak is repaired
Loss.
In view of the security status of practical application Computer, it is considered to by safety analysiss and the software development side based on model
It is a kind of preferable solution that method is combined.Existing some scholars are studied to this, propose the various methods do not colluded, such as
The method for considering issued transaction security model;The mould of safety analysis is carried out by creating Security Object and fault tree analysiss assessment
Type drive software development approach;Model driven method based on safe XML data structure etc..
The content of the invention
It is an object of the invention to provide a kind of software development methodology based on MDA and UML extensions, is expanded by UMLsec
Whether exhibition, meet the demand for security of correlation by the safety analysis model determination system set up, can also be by raw from model
Into cycle testss, the safety of code is checked.
The present invention is achieved by the following technical solutions:
The present invention is a kind of software development methodology based on MDA and UML extensions, comprises the steps:
Step one, the foundation of MDA model conversion chains:Including CIM, PIM models, PSM models and code;
Step 2, the foundation of safety analysis model:It is analyzed by the safety to system, draws retouching for security feature
State, and generate the security feature explanation document of system;The described security feature includes performance Expressive Features and function Expressive Features.
Preferably, the performance Expressive Features are directly added to CIM and calculate independence model, and are converted to security performance
Test case.
Preferably, the function Expressive Features are modeled by UMLsec extension mechanisms, and are realized user and visited with RBAC
PIM models are added to after the logical separation for asking authority.
Preferably, the Profile in the UML provides a general extension mechanism, for specific area platform
By the self-defining uml model of developer, UMLsec using standard UML extension mechanisms and carried in the form of UML Profile
For.
The invention has the advantages that:
, by UMLsec extensions, common demand for security, such as confidentiality, integrity and verity can be with for the present invention
The form of specification element is provided.Whether the demand for security of correlation is met by the safety analysis model determination system set up, also
The safety of code can be checked by cycle testss are generated from model.
Certainly, the arbitrary product for implementing the present invention is it is not absolutely required to while reaching all the above advantage.
Description of the drawings
In order to be illustrated more clearly that the technical scheme of the embodiment of the present invention, use required for describing to embodiment below
Accompanying drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the present invention, for ability
For the those of ordinary skill of domain, on the premise of not paying creative work, can be attached to obtain others according to these accompanying drawings
Figure.
Fig. 1 is a kind of flow chart of software development methodology based on MDA and UML extensions of the present invention;
Fig. 2 is a kind of system block diagram of software development methodology based on MDA and UML extensions of the present invention.
Specific embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete
Site preparation is described, it is clear that described embodiment is only a part of embodiment of the invention, rather than the embodiment of whole.It is based on
Embodiment in the present invention, it is all other that those of ordinary skill in the art are obtained under the premise of creative work is not made
Embodiment, belongs to the scope of protection of the invention.
Refer to shown in Fig. 1 and Fig. 2, the present invention is a kind of software development methodology based on MDA and UML extensions, including such as
Lower step:
Step one, the foundation of MDA model conversion chains:Including CIM, PIM models, PSM models and code;
Step 2, the foundation of safety analysis model:It is analyzed by the safety to system, draws retouching for security feature
State, and generate the security feature explanation document of system;The described security feature includes performance Expressive Features and function Expressive Features.
Wherein, performance Expressive Features are directly added to CIM and calculate independence model, and are converted to security performance test use
Example.
Wherein, function Expressive Features are modeled by UMLsec extension mechanisms, and realize user and access rights with RBAC
Logical separation after be added to PIM models.
Wherein, the Profile in UML provides a general extension mechanism, for specific area platform by developing
The self-defining uml model of person, UMLsec have been used the UML extension mechanisms of standard and are provided in the form of UML Profile.
After obtaining the PIM of system integration Safety modeling, check automatically UMLsec extended architectures type to close by support instrument
The constraint of connection, then carries out XML Metadata exchange (XML-based Metadata Interchange, XMI) output, by expanding
Exhibition CSS transfer language (Extensible Stylesheet Language Transformations, XSLT) is formulated and is directed to
The transformational rule of different platform, realization ask the conversion of PSM, that is, the security attribute in PIM is mapped to specific platform, so
After be converted into code, be finally achieved the security strategy in software.Above institute established model is all Platform Independent Model.By
Supports of the Arcstyler to MDA, automatically generates PSM from the PIM for building, is then converted to application code, and ultimately generating can
The application program for possessing security attribute for performing.
It should be noted that in said system embodiment, included unit simply carries out drawing according to function logic
Point, but above-mentioned division is not limited to, as long as corresponding function can be realized;In addition, each functional unit is concrete
Title is also only to facilitate mutually differentiation, is not limited to protection scope of the present invention.
In addition, one of ordinary skill in the art will appreciate that realizing all or part of step in the various embodiments described above method
Program be can be by instruct the hardware of correlation to complete, corresponding program can be stored in embodied on computer readable storage and be situated between
In matter, described storage medium, such as ROM/RAM, disk or CD etc..
Present invention disclosed above preferred embodiment is only intended to help and illustrates the present invention.Preferred embodiment is not detailed
All of details is described, it is only described specific embodiment also not limit the invention.Obviously, the content according to this specification,
Can make many modifications and variations.These embodiments are chosen and specifically described to this specification, is to preferably explain the present invention
Principle and practical application so that skilled artisan can be best understood by and utilize the present invention.The present invention is only
Limited by claims and its four corner and equivalent.
Claims (3)
1. a kind of software development methodology based on MDA and UML extension, it is characterised in that comprise the steps:
Step one, the foundation of MDA model conversion chains:Including CIM, PIM models, PSM models and code;
Step 2, the foundation of safety analysis model:It is analyzed by the safety to system, draws the description of security feature,
And generate the security feature explanation document of system;The described security feature includes performance Expressive Features and function Expressive Features.
2. a kind of software development methodology based on MDA and UML extension according to claim 1, it is characterised in that the property
Energy Expressive Features are directly added to CIM and calculate independence model, and are converted to security performance test case.
3. a kind of software development methodology based on MDA and UML extension according to claim 1, it is characterised in that the work(
Energy Expressive Features are modeled by UMLsec extension mechanisms, and are added after realizing logical separation of the user with access rights with RBAC
To PIM models.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610937667.3A CN106529302A (en) | 2016-10-25 | 2016-10-25 | MDA and UML extension based software development method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610937667.3A CN106529302A (en) | 2016-10-25 | 2016-10-25 | MDA and UML extension based software development method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106529302A true CN106529302A (en) | 2017-03-22 |
Family
ID=58293300
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610937667.3A Pending CN106529302A (en) | 2016-10-25 | 2016-10-25 | MDA and UML extension based software development method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106529302A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115756403A (en) * | 2022-11-07 | 2023-03-07 | 苏州数设科技有限公司 | Model drive design method and device, electronic equipment and readable storage medium |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1737756A (en) * | 2004-02-24 | 2006-02-22 | 株式会社东芝 | Data converting device and program for data conversion |
| CN103995699A (en) * | 2014-05-13 | 2014-08-20 | 中国神华能源股份有限公司 | Electric power enterprise information system development method based on MDA |
-
2016
- 2016-10-25 CN CN201610937667.3A patent/CN106529302A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1737756A (en) * | 2004-02-24 | 2006-02-22 | 株式会社东芝 | Data converting device and program for data conversion |
| CN103995699A (en) * | 2014-05-13 | 2014-08-20 | 中国神华能源股份有限公司 | Electric power enterprise information system development method based on MDA |
Non-Patent Citations (1)
| Title |
|---|
| 袁柯 等: "基于MDA与UML扩展的安全软件开发方法", 《计算机工程》 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115756403A (en) * | 2022-11-07 | 2023-03-07 | 苏州数设科技有限公司 | Model drive design method and device, electronic equipment and readable storage medium |
| CN115756403B (en) * | 2022-11-07 | 2023-12-12 | 苏州数设科技有限公司 | Model drive design method and device, electronic equipment and readable storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Estefan | Survey of model-based systems engineering (MBSE) methodologies | |
| Garcia et al. | Interoperability from building design to building energy modeling | |
| US9015648B2 (en) | Roundtrip merge of BPEL processes and BPMN models | |
| Bergmann et al. | Semantic interoperability to enable smart, grid-interactive efficient buildings | |
| US8479159B2 (en) | System and method for automatically determining relationships between software artifacts using multiple evidence sources | |
| US20130117232A1 (en) | Snapshots of database models | |
| KR101106220B1 (en) | System for environmental load assessment during life cycle of building | |
| CN116257926B (en) | BIM-based Internet of things data binding method, device, equipment and storage medium | |
| Mens | Model transformation: A survey of the state of the art | |
| Biswas et al. | Data sharing for sustainable building assessment | |
| US20120166884A1 (en) | LEVERAGING THE RELATIONSHIP BETWEEN OBJECT IDs AND FUNCTIONS IN DIAGNOSING SOFTWARE DEFECTS DURING THE POST-DEPLOYMENT PHASE | |
| US8423951B1 (en) | Systems and/or methods for identifying corresponding elements in different models | |
| CN109614084A (en) | Web program and its Quick Development Framework, development approach and relevant device | |
| Kasim et al. | Automated sustainability compliance checking process: proof of concept | |
| CN106997322A (en) | Method and apparatus for automatic test | |
| CN106529302A (en) | MDA and UML extension based software development method | |
| Quek | Strategies and frameworks for adopting Building Information Modelling (BIM) for quantity surveyors | |
| Khattra et al. | A statistical review to study the structural stability of buildings using building information modelling | |
| Kim | Design pattern based model transformation with tool support | |
| CN104951312B (en) | A kind of business function custom-built system based on model-driven | |
| CN104239070B (en) | Software development method based on live documents | |
| East et al. | Lightweight capture of as-built construction information | |
| Muthumanickam et al. | Development of a novel BIM-energy use ontology | |
| Shih et al. | Development of building information modelling enabled code checking systems for Australia | |
| Lai et al. | 2-square: A web-based enhancement of square privacy and security requirements engineering |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170322 |