Towards evolving secured multi-model systems with model federation

In order to deal with the increasing complexity of nowadays systems, model-based system engineering (MBSE) promotes the use of models all along the engineering phases. In this scenario, systems are often represented by a set of models, conforming to different modeling languages and built with different tools. This multiplicity and heterogeneity are challenging when models evolve as they may easily become inconsistent. This is even more crucial when we deal with security requirements. Indeed, being a critical property of systems, security has been integrated in MBSE so that it can be dealt with since the early phases of the project (in what is called "security-by-design"). Consequently, it needs to be taken into account as well when the system evolves in order to avoid potential security issues. In order to tackle this problem, we propose here to leverage on the model federation paradigm, which promotes the reification of the dependencies between heterogeneous models. Concretely, we propose the creation of a security model federation. In this federation, security related dependencies between the models representing a system are reified and equipped with security rules that can be (re)evaluated upon evolution scenarios in order to determine whether a given change impacts security. We provide an initial methodology for building such a federation and demonstrate the feasibility of the approach with a prototype implementation.