Formal Metamodeling for Secure Model-Driven Engineering

Liliana Maria Favre
DOI: 10.4018/IJSSSP.2021070104

Abstract

Systems and applications aligned with new paradigms such as cloud computing and the Internet of Things are becoming more complex and interconnected, expanding the areas in which they are susceptible to attacks. Their security can be addressed by using model-driven engineering (MDE). In this context, specific IoT or cloud computing metamodels emerged to support the systematic development of software. In general, they are specified through semiformal metamodels in MOF style. This article shows the theoretical foundations of a method for automatically constructing secure metamodels in the context of realizations of MDE such as MDA. The formal metamodeling language Nereus and systems of transformation rules to bridge the gap between formal specifications and MOF are described. The main contribution of this article is the definition of a system of transformation rules called NEREUStoMOF for automatically transforming formal metamodeling specifications in Nereus into semiformal MOF metamodels annotated in OCL.

Introduction

Today, major advances in software technology go hand in hand with spectacular failures in the generated software artifacts. The complexity of systems and applications, which are more and more connected, expands the areas in which they are susceptible to attacks. For instance, moving to the Cloud requires new ways to protect data and privacy (Juan Ferrer, Marqués and Jorba, 2019). In addition, the Internet of Things (IoT) paradigm requires analyzing complex software/hardware systems in the early stages of design, mainly in software that will be embedded in systems deployed in different places.

The demand for security of systems and applications linked to these paradigms is growing. The most recent research proposes approaches that address requirements of heterogeneity, interoperability, integration, and portability throughout the entire software development life cycle. One of the most promising ways to achieve this is to adopt Model Driven Engineering (MDE). The underlying idea in MDE is that software development can be broken down into standardized, highly automated activities that can mass-produce software applications, reducing costs, development time and risks. A specific realization of MDE is the Model Driven Architecture (MDA) proposed by the Object Management Group (OMG) (MDA, 2020). MDA principles can be summarized as follows: all artifacts involved in a process can be viewed as models that conform to a particular metamodel, the process itself can be viewed as a sequence of model transformations, and all extracted information is represented in a standard way through metamodels. The Meta-Object Facility Metamodel (MOF) can be considered the essence of MDA, allowing different kinds of artifacts from multiple technologies to be used together in an interoperable way (MOF, 2019). The Eclipse Modeling Framework (EMF) has become the reference platform for related development tools. In particular, its metamodel Ecore is the official implementation of MOF (EMF, 2020).

In recent years, specific IoT or Cloud Computing MOF-like metamodels emerged to support the systematic development of secure software. For instance, the Open Cloud Computing Interface (OCCI) emerged to address the difficulties caused by the variety of cloud providers offering different resource management interfaces (Nyrén et al., 2016). A precise metamodel for OCCI, based on EMF and annotated in OCL (OCL, 2014), is described in Merle et al. (2015) and Achilleos et al. (2019). Also, the PaaSage project emerged as a development and deployment platform complemented with both a metamodeling methodology and the language CAMEL, which allow enterprise system developers to access cloud platform services by abstracting from the details of a specific technology and, at the same time, guide them in configuring their applications for better performance (Challita et al., 2020). Besides, the Artist project (Menychtas et al., 2014) presents a complete methodology and a framework for the effective migration of legacy software to modern cloud environments in the context of ADM (Architecture Driven Modernization) (ADM, 2020). On the other hand, Favre (2018) describes an MDE-based migration process from object-oriented software to different mobile platforms that integrates metamodeling and cross-platform development in the multiplatform language HaXe. Recently, Geismann and Bodden (2020) showed that MDE is a leading paradigm for developing cyber-physical systems (CPS) because it enables the developer to verify safety requirements in early development phases, making it possible to build secure-by-design CPS.

The essence of the above-mentioned MDE developments is the metamodels defined for each specific context. To achieve secure systems, it is a prerequisite to have secure metamodels, because errors in a metamodel lead to errors in its instances (models). Formal methods can help solve this problem by providing systematic and rigorous techniques to reduce ambiguities and inconsistencies in the requirement specification of the software.
