Specifying Security Aspects in UML Models
Expansion of computer systems and the increasing number of services provided by Internet has lead software engineers to worry about security issues of their software. The reason is the short amount of time dedicated to test these characteristics, which leads to release insecure software to final users. To ease this problem, the use of model-based testing is becoming popular. Several works propose standards to model various elements, but a few related to security characteristics. This paper presents a technique to specify UML security stereotypes, aiming to guide developers by annotating vulnerable model parts and to allow the automatic security test case generation.