Model-driven engineering (MDE) is a systematic approach that emphasizes the creation and utilization of domain-specific models as the primary means of understanding, designing, and developing complex systems. In the context of designing trustworthy systems, MDE serves as a powerful paradigm to address critical software quality attributes such as security, privacy, transparency, fairness, and reliability, right from the design phase of system development.
MDE facilitates reasoning about these attributes by abstracting system complexities into high-level models that encapsulate key properties and constraints. This abstraction enables system engineers to focus on trust-related aspects during the design phase, such as identifying potential security vulnerabilities, ensuring compliance with privacy regulations, or verifying transparency and fairness in algorithmic decision-making. By leveraging formalized models, MDE techniques allow for systematic exploration of design trade-offs and validation of system behaviors under various scenarios.
Specific MDE techniques for trustworthy system design include:
- Model-based analysis for quality assurance: Early detection of system errors, security vulnerabilities, and privacy risks through systematic model analysis helps prevent issues before implementation. For instance, threat modelling using security-specific extensions of UML or SysML can highlight potential attack vectors.
- Domain-specific modelling for reusable patterns: The development of domain-specific modelling languages (DSMLs) tailored to trustworthy system design supports the encapsulation of best practices and reusable patterns for addressing security, privacy, and other attributes. These patterns enhance design efficiency and consistency.
- Model transformation and consistency management: Automated model transformations ensure the alignment of design models with implementation artifacts, preserving trust-related properties across abstraction levels. For example, security policies specified at a high-level design model can be systematically propagated and enforced in code generation.
- Trustworthiness assessment and assurance using verification & validation (V&V): This line of work promotes quality and addresses the growing need for early V&V of system behaviours in dynamic environments through event- and data-driven analysis. By employing software engineering best practices, we support effective decision-making throughout system development. Formal V&V and static analysis techniques are used to:
  1. Ensure quality assurance, including safety, security, fairness, transparency, and standards compliance;
  2. Prove the correctness and consistency of DSL patterns and model transformations;
  3. Guide the correct identification of design models;
  4. Provide means of model integration and interoperability between different models;
  5. Enable collaboration in early V&V across modelling languages and tools, while supporting reuse and ensuring scalability.
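The first and third techniques above (model-based analysis and model transformation) can be illustrated with a small added example; it is not part of the group's own tooling. A toy domain-specific model places components in trust zones and records the data flows between them. A rule-based analysis flags two design-time problems: non-public data crossing a zone boundary without encryption, and personal data delivered to a component that does not authenticate its callers. A transformation then derives an enforceable policy (TLS and authentication requirements) from the same model, so the property checked at design time is carried into the implementation rather than re-specified by hand. Component names, zone names, the two rules and all sample values are constructed assumptions.

```python
"""Model-based security analysis and model-to-policy transformation on a toy
DSML.  Added example with constructed data; component names, zones and the
rules are assumptions, not the research group's tooling."""
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Component:
    name: str
    zone: str            # trust zone the component runs in (assumed names)
    authenticates: bool  # whether the component authenticates its callers


@dataclass(frozen=True)
class Flow:
    source: str
    target: str
    classification: str  # "public", "confidential" or "personal"
    encrypted: bool      # whether the channel is encrypted in transit


@dataclass
class Model:
    """A design model: named components plus directed data flows."""
    components: dict = field(default_factory=dict)
    flows: list = field(default_factory=list)

    def add(self, name, zone, authenticates=False):
        self.components[name] = Component(name, zone, authenticates)
        return self

    def connect(self, source, target, classification, encrypted=False):
        # Consistency check of the model itself: flows may only join known components.
        for n in (source, target):
            if n not in self.components:
                raise ValueError(f"unknown component {n!r}")
        self.flows.append(Flow(source, target, classification, encrypted))
        return self


def analyse(model: Model) -> list:
    """Model-based analysis: apply two design-time rules to every data flow."""
    findings = []
    for f in model.flows:
        src, dst = model.components[f.source], model.components[f.target]
        crosses_boundary = src.zone != dst.zone
        # Rule T1: non-public data leaving a trust zone must be encrypted in transit.
        if f.classification != "public" and crosses_boundary and not f.encrypted:
            findings.append(f"T1 {f.source}->{f.target}: {f.classification} data "
                            f"crosses {src.zone}/{dst.zone} unencrypted")
        # Rule P1: personal data may only be delivered to authenticating components.
        if f.classification == "personal" and not dst.authenticates:
            findings.append(f"P1 {f.source}->{f.target}: personal data delivered to "
                            f"{f.target}, which does not authenticate callers")
    return findings


def generate_policy(model: Model) -> dict:
    """Model transformation: derive enforceable rules from the same model, so the
    constraints checked above are preserved at the implementation level."""
    policy = {"require_tls": [], "require_auth": []}
    for f in model.flows:
        src, dst = model.components[f.source], model.components[f.target]
        if f.classification != "public" and src.zone != dst.zone:
            policy["require_tls"].append(f"{f.source}->{f.target}")
        if f.classification == "personal" and dst.name not in policy["require_auth"]:
            policy["require_auth"].append(dst.name)
    return policy


def example_model() -> Model:
    """Constructed sample: a browser, an API in a DMZ and two internal services."""
    return (Model()
            .add("browser", "internet")
            .add("api", "dmz", authenticates=True)
            .add("orders-db", "internal", authenticates=True)
            .add("analytics", "internal")
            .connect("browser", "api", "personal")                   # no TLS: T1
            .connect("api", "orders-db", "personal", encrypted=True)
            .connect("orders-db", "analytics", "personal", encrypted=True)  # P1
            .connect("api", "browser", "public"))


if __name__ == "__main__":
    m = example_model()
    for finding in analyse(m):
        print(finding)
    print(generate_policy(m))
```

Running the block prints the two findings and a policy requiring TLS on the two zone-crossing flows and authentication on every recipient of personal data; the same `Model` object feeds both functions, which is the point of keeping analysis and transformation on one model.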
We address real-world challenges by engaging in both academic and industrial collaborations at the national and international levels. Please contact us if you are interested in building a partnership or conducting research.
Contact
Eun-Young Kang, Software Engineering, eyk@mmmi.sdu.dk, +45 65507967
Qusai Ramadan, Center for Industrial Software (CIS), qura@mmmi.sdu.dk, +45 65503719