Model-based Evaluation and Design for Secure Architecture

Access & Terms of Use
open access
Copyright: Yasaweerasinghelage, Rajitha Madhushan Ranasinghe
Abstract
Designing optimal architectures for software systems is difficult, as the number of design alternatives and component interactions can be overwhelmingly large to evaluate and compare. To address this, model-based approaches have been previously proposed to assess and predict the quality attributes of systems, and to visualise, compare, and optimise system architectures. However, integrating security considerations into existing architecture evaluation techniques is challenging because, unlike quality attributes such as cost and performance, the security of systems is hard to measure and compare. Moreover, existing approaches have not previously been shown to evaluate interdependencies between security and other quality attributes. This thesis aims to improve our understanding of secure software system architecture design, evaluation, and optimisation. There are two main areas of research contribution. The first is the development and evaluation of a method to predict the performance of secure software architectures for various configurations of security-related parameters. The second is the exploration of how to optimise secure software architectures for performance, considering overall security of the system. We investigated the first research goal using two different types of secure systems: blockchain-based systems where the main focus is data integrity, and privacy-preserving computing systems where the main focus is confidentiality. We investigated our second research goal in a study demonstrating the feasibility of integrating a simple security analysis technique with an existing architecture-level performance approach. We then demonstrated how to combine performance modelling, security evaluation modelling, and cost modelling in identifying optimal candidate architectures. Based on our studies, we conclude that it is feasible to extend state-of-the-art architectural modelling and performance analysis techniques to support security analyses. Moreover, these techniques can be used for architecture optimisation. This research will help architects to select optimal candidate architectures, considering security parameters alongside other quality attributes. This research opens up new research directions in modelling various types of secure systems, integrating various types of security analysis techniques with architecture modelling, and in optimising various secure systems considering security along with other quality attributes.
Author(s)
Yasaweerasinghelage, Rajitha Madhushan Ranasinghe
Supervisor(s)
Staples, Mark
Weber, Ingo
Paik, Hye-Young
Publication Year
2020
Resource Type
Thesis
Degree Type
PhD Doctorate
UNSW Faculty