Tutorial Series: Software Engineering for Critical Systems
Tutorial Series: Software Engineering for Critical Systems
Contents
Tutorials (and Slides)
Participants
UMLsec Book
UML Analysis Tool

Additional Information
Author
Further Literature
Applications
Applications

The UMLsec approach has been used in a number of industrial applications, which are documented in the following publications (see the Further Literature link for downloads):

  • J. Jürjens, J. Schreck, P. Bartmann: Model-based Security Analysis for Mobile Communications: An Industrial Application of UMLsec. 30th International Conference on Software Engineering (ICSE 2008), ACM, 2008. Documents an application of UMLsec at O2 (Germany).
  • B. Best, Jan Jürjens, and B. Nuseibeh: Model-based Security Engineering of Distributed Information Systems using UMLsec 29th International Conference on Software Engineering (ICSE 2007), ACM, 2007, pp. 581-590. Documents an application of UMLsec at BMW (Munich).
  • Jan Jürjens: Model-based Security Engineering for Real (Industry Day Invited Paper). 14th International Symposium on Formal Methods (FM 2006), volume 4085 of Lecture Notes in Computer Science, Springer, 2006, pp. 600-606. Overview over Model-based Security Engineering and industrial applications.
  • J. Jürjens. Code Security Analysis of a Biometric Authentication System Using Automated Theorem Provers. In 21st Annual Computer Security Applications Conference (ACSAC 2005) IEEE, 2005, pp. 138-149. Documents an application of UMLsec at a major German telecommunications company.
  • J. Jürjens. Developing High-Assurance Secure Systems with UML: An Electronic Purchase Protocol. In Eighth IEEE International Symposium on High Assurance Systems Engineering (HASE 2004), IEEE, 2004, pp. 231-240. Documents an application of UMLsec at a the Common Electronic Purse Specifications developed by Visa International and other companies (purchase transaction). (Described in more detail in the book.)
  • J. Grünbauer, H. Hollmann, J. Jürjens, and G. Wimmel. Modelling and Verification of Layered Security Protocols: A Bank Application. In 22nd International Conference on Computer Safety, Reliability and Security (SAFECOMP 2003), volume 2788 of Lecture Notes in Computer Science, Springer, 2003, pp. 116-129. Documents an application of UMLsec at a the German bank HypoVereinsbank.
  • J. Jürjens. Modelling Audit Security for Smart-card Payment Schemes with UMLsec. In Trusted Information: The New Decade Challenge. International Federation for Information Processing (IFIP), Kluwer Academic Publishers, 2001, pp. 93-108. Proceedings of SEC 2001 - 16th International Conference on Information Security. Documents an application of UMLsec at a the Common Electronic Purse Specifications developed by Visa International and other companies (load transaction). (Described in more detail in the book.)
  • M. Reininger. End-to-End Security in einem Rückversicherungsunternehmen, externer Zugriff auf interne Netze, 2006. Documents an application of UMLsec at a the German reinsurance company Munich Re.
  • J. Bobinger. Sicherer Einsatz elektronischer Unterschriften im Versicherungswesen, 2005. Documents an application of UMLsec at a the German insurance company Allianz.
  • M. Busch. Anpassung und Anwendung strukturierter Methoden zur IT-Sicherheitsrisikoanalyse, 2005. Documents an application of UMLsec at a the German chip manufacturer Infineon.
  • M. Raith. Modellbasierte Sicherheitsanalyse eines Bezahlungssystemes, 2005. Documents an application of UMLsec at a a German smart-card application provider.
  • R. Rumm. Sicherheitsanalyse komplexer Telematiksysteme am Beispiel der elektronischen Gesundheitskarte, 2004. Documents an application of UMLsec at the smart-card based German health-card developed by the German government.