Nowadays, as software systems continuously grow in complexity, functionality and connectivity, more and more security and safety challenges arise that cannot effectively be addressed by traditional security concepts. This includes safety-critical areas (defense, transportation, nuclear power generation, space exploration, etc.), but also areas such as finance, medical information management and systems using web applications (e.g. cloud computing systems).
SEMCO (System and software Engineering with Multi-COncerns) is a framework to assist system and software developers in the domain of security- and safety-critical systems to capture, implement and document distributed system applications. SEMCO aims at supporting model- and pattern-based development approaches by defining and providing several artifact types representing the different related engineering concerns (Security, Dependability, Safety and Resources) and architectural information.
In our work we develop a methodology to assist architects in building rigorous, secure software architectures for computer-based systems, combining modeling and formal techniques.