CARiSMA is a tool developed by us for analyzing compliance-, risk- and security properties on software models.
The tool evolved from the UMLsec-Tool that has been developed since 2001 and featured automated checks on UMLsec annotated models.
In 2011, the proprietary tool has been standardized and migrated onto the Eclipse/EMF-platform. Because of this step, the analysis is no longer restricted to UML models, but new languages like BPMN are supported, too. In addition, CARiSMA offers a plugin-architecture which makes it easily extensible with new features for the compliance-, risk-, and security checking.