Formal Information-Flow Analysis of Component-Based Systems

The Project

A central question in IT security is how to ensure that sensitive data is accessible to authorized people only. Furthermore, the use of component-based systems allows a modular design of software and improves the reusability of system parts.

Our goal is to perform security analysis of component-based systems during system design. We concentrate on confidentiality of information and aim for a correct method of analysis.

In cooperation with our project partner, we choose a real-world example and provide a matching component model of the system. Following the system implementation, we refine the system into different parts and provide a specification reflecting the actual behaviour of the parts. Finally, we analyse the model with respect to security properties using methods from information-flow analysis.

The project is led by Prof. Bernhard Beckert and managed by Simon Greiner. It is part of the BMBF-funded Software Campus Project. We cooperate with partners from DHL IT-Services.

Funded by: Software Campus, Bundesministerium für Bildung und Forschung

In cooperation with: Deutsche Post DHL