Skip to Main Content
A formal method for software development often introduces a gap between rigidity of the method and informal nature of system requirements. This paper presents a UML-based framework for design and analysis of dependable software while narrowing such a gap. We model the intended functions of a software application with UML statecharts and security threats, i.e., potential attacks, with sequence diagrams. The statechart diagrams are converted into a graph transformation system, which is a well-studied formal method. This allows security threats to be verified against intended functions.