Confidentiality in the process of (model-driven) software development

Michael Johnson, Perdita Stevens

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review

6 Citations (Scopus)


Much is now understood about how to develop software that will have good security properties in use. We claim that a topic which needs more attention, in particular from the Bx community, is security, especially confidentiality, in the software development process itself. What is then at issue is not what particular users of the software may be allowed to know, but rather, what particular developers of the software may be allowed to know. How can software development processes guarantee to respect confidentiality without compromising effective development? The question is of general interest across software engineering, but model-driven development (MDD) seems a particularly promising arena in which to address it, because of MDD's focus on separation of concerns. In MDD, different people work with separate models, where (ideally) each model records all and only the information necessary to those who work with it. When necessary, the models are reconciled by bidirectional transformations, which automate a process which would otherwise have to be undertaken manually by the groups of experts meeting and studying both their models in order to bring them back into consistency. In model-driven development confidentiality issues become particularly clear and tractable, and bidirectional transformations have a key technical role. We hope to encourage the community to take up this challenge, and in this paper we begin our own analysis of a selection of the issues, focusing particularly on developing a threat model and some examples of secure restoration of consistency.

Original languageEnglish
Title of host publicationConference Companion of the 2nd International Conference on Art, Science, and Engineering of Programming
Subtitle of host publicationProgramming 2018
Place of PublicationNew York, NY
PublisherAssociation for Computing Machinery
Number of pages8
VolumePart F137691
ISBN (Print)9781450355131
Publication statusPublished - 9 Apr 2018
Event2nd International Conference on Art, Science, and Engineering of Programming, Programming 2018 - Nice, France
Duration: 9 Apr 201812 Apr 2018


Conference2nd International Conference on Art, Science, and Engineering of Programming, Programming 2018


  • Confidentiality
  • Cospan
  • Model-driven software development
  • Security


Dive into the research topics of 'Confidentiality in the process of (model-driven) software development'. Together they form a unique fingerprint.

Cite this