Loading…
An extensive systematic review on the Model-Driven Development of secure systems
Context: Model-Driven Security (MDS) is as a specialised Model-Driven Engineering research area for supporting the development of secure systems. Over a decade of research on MDS has resulted in a large number of publications. Objective: To provide a detailed analysis of the state of the art in MDS,...
Saved in:
| Published in: | Information and software technology 2015-12, Vol.68, p.62-81 |
|---|---|
| Main Authors: | , , , |
| Format: | Article |
| Language: | English |
| Subjects: | |
| Citations: | Items that this one cites Items that cite this one |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| cited_by | cdi_FETCH-LOGICAL-c380t-9419c0de36cb03980e3d8ab3c88ea416387057813ea069a557bf302a1412fc163 |
|---|---|
| cites | cdi_FETCH-LOGICAL-c380t-9419c0de36cb03980e3d8ab3c88ea416387057813ea069a557bf302a1412fc163 |
| container_end_page | 81 |
| container_issue | |
| container_start_page | 62 |
| container_title | Information and software technology |
| container_volume | 68 |
| creator | Nguyen, Phu H. Kramer, Max Klein, Jacques Traon, Yves Le |
| description | Context: Model-Driven Security (MDS) is as a specialised Model-Driven Engineering research area for supporting the development of secure systems. Over a decade of research on MDS has resulted in a large number of publications.
Objective: To provide a detailed analysis of the state of the art in MDS, a systematic literature review (SLR ) is essential.
Method: We conducted an extensive SLR on MDS. Derived from our research questions, we designed a rigorous, extensive search and selection process to identify a set of primary MDS studies that is as complete as possible. Our three-pronged search process consists of automatic searching, manual searching, and snowballing. After discovering and considering more than thousand relevant papers, we identified, strictly selected, and reviewed 108 MDS publications.
Results: The results of our SLR show the overall status of the key artefacts of MDS, and the identified primary MDS studies. For example, regarding security modelling artefact, we found that developing domain-specific languages plays a key role in many MDS approaches. The current limitations in each MDS artefact are pointed out and corresponding potential research directions are suggested. Moreover, we categorise the identified primary MDS studies into 5 significant MDS studies, and other emerging or less common MDS studies. Finally, some trend analyses of MDS research are given.
Conclusion: Our results suggest the need for addressing multiple security concerns more systematically and simultaneously, for tool chains supporting the MDS development cycle, and for more empirical studies on the application of MDS methodologies. To the best of our knowledge, this SLR is the first in the field of Software Engineering that combines a snowballing strategy with database searching. This combination has delivered an extensive literature study on MDS. |
| doi_str_mv | 10.1016/j.infsof.2015.08.006 |
| format | article |
| fullrecord | <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_1719245016</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><els_id>S0950584915001482</els_id><sourcerecordid>3827794681</sourcerecordid><originalsourceid>FETCH-LOGICAL-c380t-9419c0de36cb03980e3d8ab3c88ea416387057813ea069a557bf302a1412fc163</originalsourceid><addsrcrecordid>eNp9kD1PwzAQhi0EEqXwDxgsMSec4zhxFqSq5UsqggFmy3UuwlFrF9st9N-TUliZbrj3eU_3EHLJIGfAqus-t66LvssLYCIHmQNUR2TEZM2zCgpxTEbQCMiELJtTchZjD8Bq4DAiLxNH8Suhi3aLNO5iwpVO1tCAW4uf1Dua3pE--RaX2SwMIUdnuMWlX6_QJeo7GtFswh8bz8lJp5cRL37nmLzd3b5OH7L58_3jdDLPDJeQsqZkjYEWeWUWwBsJyFupF9xIibpkFZc1iFoyjhqqRgtRLzoOhWYlKzoz7Mfk6tC7Dv5jgzGp3m-CG04qVrOmKAX8pMpDygQfY8BOrYNd6bBTDNTenerVwZ3au1Mg1eBuwG4OGA4fDB6CisaiM9jagCap1tv_C74B2695Lg</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>1719245016</pqid></control><display><type>article</type><title>An extensive systematic review on the Model-Driven Development of secure systems</title><source>ScienceDirect Freedom Collection</source><creator>Nguyen, Phu H. ; Kramer, Max ; Klein, Jacques ; Traon, Yves Le</creator><creatorcontrib>Nguyen, Phu H. ; Kramer, Max ; Klein, Jacques ; Traon, Yves Le</creatorcontrib><description>Context: Model-Driven Security (MDS) is as a specialised Model-Driven Engineering research area for supporting the development of secure systems. Over a decade of research on MDS has resulted in a large number of publications.
Objective: To provide a detailed analysis of the state of the art in MDS, a systematic literature review (SLR ) is essential.
Method: We conducted an extensive SLR on MDS. Derived from our research questions, we designed a rigorous, extensive search and selection process to identify a set of primary MDS studies that is as complete as possible. Our three-pronged search process consists of automatic searching, manual searching, and snowballing. After discovering and considering more than thousand relevant papers, we identified, strictly selected, and reviewed 108 MDS publications.
Results: The results of our SLR show the overall status of the key artefacts of MDS, and the identified primary MDS studies. For example, regarding security modelling artefact, we found that developing domain-specific languages plays a key role in many MDS approaches. The current limitations in each MDS artefact are pointed out and corresponding potential research directions are suggested. Moreover, we categorise the identified primary MDS studies into 5 significant MDS studies, and other emerging or less common MDS studies. Finally, some trend analyses of MDS research are given.
Conclusion: Our results suggest the need for addressing multiple security concerns more systematically and simultaneously, for tool chains supporting the MDS development cycle, and for more empirical studies on the application of MDS methodologies. To the best of our knowledge, this SLR is the first in the field of Software Engineering that combines a snowballing strategy with database searching. This combination has delivered an extensive literature study on MDS.</description><identifier>ISSN: 0950-5849</identifier><identifier>EISSN: 1873-6025</identifier><identifier>DOI: 10.1016/j.infsof.2015.08.006</identifier><language>eng</language><publisher>Amsterdam: Elsevier B.V</publisher><subject>Content analysis ; Cybersecurity ; Literature reviews ; Mathematical models ; MDE ; MDS ; Model-Driven Engineering ; Model-Driven Security ; Programming languages ; Software engineering ; Software security engineering ; Studies ; Systematic review</subject><ispartof>Information and software technology, 2015-12, Vol.68, p.62-81</ispartof><rights>2015 Elsevier B.V.</rights><rights>Copyright Elsevier Science Ltd. Dec 2015</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c380t-9419c0de36cb03980e3d8ab3c88ea416387057813ea069a557bf302a1412fc163</citedby><cites>FETCH-LOGICAL-c380t-9419c0de36cb03980e3d8ab3c88ea416387057813ea069a557bf302a1412fc163</cites><orcidid>0000-0003-1773-8581</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,780,784,27924,27925</link.rule.ids></links><search><creatorcontrib>Nguyen, Phu H.</creatorcontrib><creatorcontrib>Kramer, Max</creatorcontrib><creatorcontrib>Klein, Jacques</creatorcontrib><creatorcontrib>Traon, Yves Le</creatorcontrib><title>An extensive systematic review on the Model-Driven Development of secure systems</title><title>Information and software technology</title><description>Context: Model-Driven Security (MDS) is as a specialised Model-Driven Engineering research area for supporting the development of secure systems. Over a decade of research on MDS has resulted in a large number of publications.
Objective: To provide a detailed analysis of the state of the art in MDS, a systematic literature review (SLR ) is essential.
Method: We conducted an extensive SLR on MDS. Derived from our research questions, we designed a rigorous, extensive search and selection process to identify a set of primary MDS studies that is as complete as possible. Our three-pronged search process consists of automatic searching, manual searching, and snowballing. After discovering and considering more than thousand relevant papers, we identified, strictly selected, and reviewed 108 MDS publications.
Results: The results of our SLR show the overall status of the key artefacts of MDS, and the identified primary MDS studies. For example, regarding security modelling artefact, we found that developing domain-specific languages plays a key role in many MDS approaches. The current limitations in each MDS artefact are pointed out and corresponding potential research directions are suggested. Moreover, we categorise the identified primary MDS studies into 5 significant MDS studies, and other emerging or less common MDS studies. Finally, some trend analyses of MDS research are given.
Conclusion: Our results suggest the need for addressing multiple security concerns more systematically and simultaneously, for tool chains supporting the MDS development cycle, and for more empirical studies on the application of MDS methodologies. To the best of our knowledge, this SLR is the first in the field of Software Engineering that combines a snowballing strategy with database searching. This combination has delivered an extensive literature study on MDS.</description><subject>Content analysis</subject><subject>Cybersecurity</subject><subject>Literature reviews</subject><subject>Mathematical models</subject><subject>MDE</subject><subject>MDS</subject><subject>Model-Driven Engineering</subject><subject>Model-Driven Security</subject><subject>Programming languages</subject><subject>Software engineering</subject><subject>Software security engineering</subject><subject>Studies</subject><subject>Systematic review</subject><issn>0950-5849</issn><issn>1873-6025</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2015</creationdate><recordtype>article</recordtype><recordid>eNp9kD1PwzAQhi0EEqXwDxgsMSec4zhxFqSq5UsqggFmy3UuwlFrF9st9N-TUliZbrj3eU_3EHLJIGfAqus-t66LvssLYCIHmQNUR2TEZM2zCgpxTEbQCMiELJtTchZjD8Bq4DAiLxNH8Suhi3aLNO5iwpVO1tCAW4uf1Dua3pE--RaX2SwMIUdnuMWlX6_QJeo7GtFswh8bz8lJp5cRL37nmLzd3b5OH7L58_3jdDLPDJeQsqZkjYEWeWUWwBsJyFupF9xIibpkFZc1iFoyjhqqRgtRLzoOhWYlKzoz7Mfk6tC7Dv5jgzGp3m-CG04qVrOmKAX8pMpDygQfY8BOrYNd6bBTDNTenerVwZ3au1Mg1eBuwG4OGA4fDB6CisaiM9jagCap1tv_C74B2695Lg</recordid><startdate>201512</startdate><enddate>201512</enddate><creator>Nguyen, Phu H.</creator><creator>Kramer, Max</creator><creator>Klein, Jacques</creator><creator>Traon, Yves Le</creator><general>Elsevier B.V</general><general>Elsevier Science Ltd</general><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>8FD</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><orcidid>https://orcid.org/0000-0003-1773-8581</orcidid></search><sort><creationdate>201512</creationdate><title>An extensive systematic review on the Model-Driven Development of secure systems</title><author>Nguyen, Phu H. ; Kramer, Max ; Klein, Jacques ; Traon, Yves Le</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c380t-9419c0de36cb03980e3d8ab3c88ea416387057813ea069a557bf302a1412fc163</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2015</creationdate><topic>Content analysis</topic><topic>Cybersecurity</topic><topic>Literature reviews</topic><topic>Mathematical models</topic><topic>MDE</topic><topic>MDS</topic><topic>Model-Driven Engineering</topic><topic>Model-Driven Security</topic><topic>Programming languages</topic><topic>Software engineering</topic><topic>Software security engineering</topic><topic>Studies</topic><topic>Systematic review</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Nguyen, Phu H.</creatorcontrib><creatorcontrib>Kramer, Max</creatorcontrib><creatorcontrib>Klein, Jacques</creatorcontrib><creatorcontrib>Traon, Yves Le</creatorcontrib><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts – Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>Information and software technology</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Nguyen, Phu H.</au><au>Kramer, Max</au><au>Klein, Jacques</au><au>Traon, Yves Le</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>An extensive systematic review on the Model-Driven Development of secure systems</atitle><jtitle>Information and software technology</jtitle><date>2015-12</date><risdate>2015</risdate><volume>68</volume><spage>62</spage><epage>81</epage><pages>62-81</pages><issn>0950-5849</issn><eissn>1873-6025</eissn><abstract>Context: Model-Driven Security (MDS) is as a specialised Model-Driven Engineering research area for supporting the development of secure systems. Over a decade of research on MDS has resulted in a large number of publications.
Objective: To provide a detailed analysis of the state of the art in MDS, a systematic literature review (SLR ) is essential.
Method: We conducted an extensive SLR on MDS. Derived from our research questions, we designed a rigorous, extensive search and selection process to identify a set of primary MDS studies that is as complete as possible. Our three-pronged search process consists of automatic searching, manual searching, and snowballing. After discovering and considering more than thousand relevant papers, we identified, strictly selected, and reviewed 108 MDS publications.
Results: The results of our SLR show the overall status of the key artefacts of MDS, and the identified primary MDS studies. For example, regarding security modelling artefact, we found that developing domain-specific languages plays a key role in many MDS approaches. The current limitations in each MDS artefact are pointed out and corresponding potential research directions are suggested. Moreover, we categorise the identified primary MDS studies into 5 significant MDS studies, and other emerging or less common MDS studies. Finally, some trend analyses of MDS research are given.
Conclusion: Our results suggest the need for addressing multiple security concerns more systematically and simultaneously, for tool chains supporting the MDS development cycle, and for more empirical studies on the application of MDS methodologies. To the best of our knowledge, this SLR is the first in the field of Software Engineering that combines a snowballing strategy with database searching. This combination has delivered an extensive literature study on MDS.</abstract><cop>Amsterdam</cop><pub>Elsevier B.V</pub><doi>10.1016/j.infsof.2015.08.006</doi><tpages>20</tpages><orcidid>https://orcid.org/0000-0003-1773-8581</orcidid><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 0950-5849 |
| ispartof | Information and software technology, 2015-12, Vol.68, p.62-81 |
| issn | 0950-5849 1873-6025 |
| language | eng |
| recordid | cdi_proquest_journals_1719245016 |
| source | ScienceDirect Freedom Collection |
| subjects | Content analysis Cybersecurity Literature reviews Mathematical models MDE MDS Model-Driven Engineering Model-Driven Security Programming languages Software engineering Software security engineering Studies Systematic review |
| title | An extensive systematic review on the Model-Driven Development of secure systems |
| url | http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-04T02%3A10%3A57IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=An%20extensive%20systematic%20review%20on%20the%20Model-Driven%20Development%20of%20secure%20systems&rft.jtitle=Information%20and%20software%20technology&rft.au=Nguyen,%20Phu%20H.&rft.date=2015-12&rft.volume=68&rft.spage=62&rft.epage=81&rft.pages=62-81&rft.issn=0950-5849&rft.eissn=1873-6025&rft_id=info:doi/10.1016/j.infsof.2015.08.006&rft_dat=%3Cproquest_cross%3E3827794681%3C/proquest_cross%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c380t-9419c0de36cb03980e3d8ab3c88ea416387057813ea069a557bf302a1412fc163%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=1719245016&rft_id=info:pmid/&rfr_iscdi=true |