## FEATURES: "Assumptions", "Diplodocus", "Avatar", "SysML-Sec", "Requirements", "AttackTrees", "Properties", "Partitioning", "Analysis", "Design", "Prototyping", "SecurityProtocol", "CodeGeneration" ##PROPS: "Safety", "Security", "Performance" ## Not case sensitive #FILE HelloWorldCodeGeneration.xml -FEATURES Design Avatar CodeGeneration -PROPS Safety -DESCRIPTION This model shows how to generate code from a software design diagram -AUTHOR Ludovic Apvrille (Telecom Paris) -IMG HelloWorldCodeGeneration.png #FILE assumptions_drone.xml -FEATURES Assumptions Design Avatar -PROPS Safety -DESCRIPTION This model shows how to efficiently manage the use of assumptions using a drone system. -AUTHOR Ludovic Apvrille (Telecom Paris) and Pierre de Saqui-Sannes (ISAE-SUPAERO) -IMG assumptions_drone.png #FILE CoffeeMachine_Avatar.xml -FEATURES Requirements Design Avatar -PROPS Safety -DESCRIPTION This coffee machine can in fact deliver tea and coffee. The coin system is modeled with its environment, i.e. a wallet. -AUTHOR Ludovic Apvrille (Telecom Paris) -IMG CoffeeMachine_Avatar.png #FILE ZigBeeTutorial.xml -FEATURES Partitioning Diplodocus -PROPS Safety Performance Codegeneration -DESCRIPTION Partitioning of the zigbee physical layer: functional view, and different mappings and communication protocols -AUTHOR Andrea Enrici (Nokia), Renaud Pacalet (Telecom Paris) and Ludovic Apvrille (Telecom Paris) -IMG ZigBeeTutorial.png #FILE RemotelyControlledAlarm.xml -FEATURES Analysis Avatar -PROPS Safety -DESCRIPTION Complex scenarios to explain how a remotely controlled alarm works. -AUTHOR Pierre de Saqui-Sannes (ISAE) -IMG RemotelyControlledAlarm.png #FILE SmokeDetector.xml -FEATURES Assumptions Analysis Requirements Design Avatar -PROPS Safety -DESCRIPTION Full Avatar method is presented with a simple smoke detector system -AUTHOR Pierre de Saqui-Sannes (ISAE-SUPAERO) -IMG SmokeDetector.png #FILE ATM.xml -FEATURES Requirements Design Avatar Analysis Assumptions -PROPS Safety -DESCRIPTION ATM, from assumptions to design - full avatar methodology is covered. -AUTHOR Pierre de Saqui-Sannes (ISAE-SUPAERO) -IMG ATM.png #FILE AvatarNetworkModeling.xml -FEATURES Design Avatar -PROPS Safety -DESCRIPTION This model features a basic communication between a client and a server through a network. -AUTHOR Ludovic Apvrille (Telecom Paris) -IMG AvatarNetworkModeling.png #FILE Network_Avatar.xml -FEATURES Design Avatar -PROPS Safety -DESCRIPTION This model features an advanced communication between several clients and a server through a network. -AUTHOR Ludovic Apvrille (Telecom Paris) -IMG Network_Avatar.png #FILE ebook_reader_01.xml -FEATURES Design Avatar -PROPS Safety -DESCRIPTION This model features a ebook reading application capable of prefetching the next pages to be read. -AUTHOR Ludovic Apvrille (Telecom Paris) -IMG ebook_reader_01.png #FILE BrakingApp_Prototyping.xml -FEATURES Diplodocus Partitioning Requirements Design Avatar Prototyping CodeGeneration -PROPS Safety Performance -DESCRIPTION Partitioning and software design of an emergency braking application inspired from the EVITA FP7 use cases. Model presented at the DASIP'2016 conference. -AUTHOR Ludovic Apvrille (Telecom Paris), Letitia Li (VEDECOM, Telecom Paris), Daniela Genius (LIP6) -IMG BrakingApp_Prototyping.png #FILE MicroWaveOven_SafetySecurity_fullMethodo.xml -FEATURES Requirements Attacktrees Properties Analysis Design Avatar SysML-Sec CodeGeneration -PROPS Safety Security -DESCRIPTION This microwave can be remotely controlled. The software methdology is totaly covered: requirements, attack trees, properties, use cases, scenarios, activity diagram and software design. -AUTHOR Ludovic Apvrille (Telecom Paris) -IMG MicroWaveOven_SafetySecurity_fullMethodo.png #FILE AFDX.xml -FEATURES Design -PROPS Safety -DESCRIPTION This models features a complex AFDX (Avionics Full DupleX switched Ethernet) network. This model nicely illustrates the interest of dependency graphs -AUTHOR Oana Hotescu (ISAE-SUPAERO), Pierre de Saqui-Sannes (ISAE-SUPAERO), Ludovic Apvrille (Telecom Paris) -IMG AFDX.png #FILE PressureController.xml -FEATURES Design Avatar CodeGeneration -PROPS Safety -DESCRIPTION This pressure controller rings an alarm when the pressure goes over a threshold. An external GUI can be used to control the C code that can be generated from the design. -AUTHOR Ludovic Apvrille (Telecom Paris) -IMG PressureController.png #FILE AirbusDoor.xml -FEATURES Assumptions Analysis Design Avatar -PROPS Safety -DESCRIPTION This model features an cockpit door managed by a lock button. Two pilots, a crew member and a passenger are modeled. -AUTHOR Ludovic Apvrille (Telecom Paris) -IMG AirbusDoor.png #FILE EVITA_KeyingProtocol.xml -FEATURES Design SysML-Sec securityprotocol -PROPS Security -DESCRIPTION Versions of the Keying protocol - to distribute session keys - as defined in the EVITA FP7 european project: key distribution with a Key Master, of asymetric key distribution. -AUTHOR Ludovic Apvrille (Telecom Paris) and Yves Roudier (EURECOM) -IMG EVITA_KeyingProtocol.png #FILE SmartCardProtocol.xml -FEATURES Partitioning Diplodocus -PROPS Safety Performance -DESCRIPTION Partitioning of a smartcard system: functional view, and two different mappings (one CPU, CPUs and hardware accelerators) -AUTHOR Chafic Jaber and Ludovic Apvrille (Telecom Paris) -IMG SmartCardProtocol.png #FILE AliceAndBob.xml -FEATURES Design securityprotocol sysml-sec -PROPS Security -DESCRIPTION Different version of a same basic system in which a message is "securely" exchanged. Different communication schemes include symetric cryptography - with a pre shared key - and Diffie-Hellman. -AUTHOR Florian Lugou (Telecom Paris) -IMG AliceAndBob.png #FILE TLS.xml -FEATURES Requirements Design SysML-Sec securityprotocol -PROPS Security -DESCRIPTION Security model for the TLS protocol used e.g. in https connections. Three different designs are presented: TLS with non authentication on client, TLS with authenticated client, and non authenticated client modeld with the use of functions (simplication of the design). -AUTHOR Florian Lugou (Telecom Paris) -IMG TLS.png #FILE DSE_KDP.xml -FEATURES Requirements SysML-Sec Partitioning -PROPS Security Performance -DESCRIPTION The model provides two systems. A first one is used to asses the average load of a main CAN bus in an automotive system when no security is provided. Then, the system is enhanced with a key distribution protocol: its impact on the performance, and e.g., the load of the CAN bus, can be studied. -AUTHOR Ludovic Apvrille (Telecom Paris), Letitia Li (VEDECOM, Telecom Paris) -IMG DSE_KDP.png #FILE stuxnet.xml -FEATURES AttackTrees SysML-Sec -PROPS Security -DESCRIPTION Attack trees of the Stuxnet attack. This attack consisted in entering into SCADA devices through a Windows PC. -AUTHOR Huynh Dan VO and Quang Huy TRUONG (Eurecom) -IMG at_zeuszitmo.png #FILE at_zeuszitmo.xml -FEATURES AttackTrees SysML-Sec -PROPS Security -DESCRIPTION This attack tree represents the Zeus/Zitmo attack that targetted banking systems which transations rely on TANs. The attack involves both the Windows PC and the mobile phone of the victim. -AUTHOR Ludovic Apvrille (Telecom Paris) -IMG at_zeuszitmo.png #FILE at_chuli.xml -FEATURES AttackTrees SysML-Sec -PROPS Security -DESCRIPTION Attack tree of the Android Chuli spyware spying at incoming SMS -AUTHOR Ludovic Apvrille (Telecom Paris) -IMG at_chuli.png #FILE MultiBankSynthesis.xml -FEATURES Analysis SysML-Sec securityprotocol -PROPS Security -DESCRIPTION Security protocols using Sequence Diagrams for secure multi-bank synthesis systems -AUTHOR Ludovic Apvrille (Telecom Paris) -IMG MultiBankSynthesis.png #FILE SGX_key_exchange.xml -FEATURES Design SysML-Sec securityprotocol -PROPS Security -DESCRIPTION Security protocols using Software design diagrams. Model of a key distribution protocol within the intel SGX system. -AUTHOR Florian Lugou (Telecom Paris) -IMG SGX_key_exchange.png #FILE X3DH.xml -FEATURES Design SysML-Sec securityprotocol -PROPS Security -DESCRIPTION X3DH Security protocol. Used in several messaging apps (e.g., signal) -AUTHOR David Breda (Eurecom), Jean-Rémi Ducreux (Eurecom), Ludovic Apvrille (Telecom Paris), Florian Lugou (Telecom Paris) -IMG SGX_key_exchange.png #FILE SysMLSecTutorial.xml -FEATURES Requirements AttackTrees Design SysML-Sec securityprotocol partitioning -PROPS Security -DESCRIPTION Simple toy example in order to start with SysML-Sec -AUTHOR Ludovic Apvrille (Telecom Paris) -IMG SysMLSecTutorial.png #FILE UAV.xml -FEATURES Assumptions Requirements Analysis Design AVATAR -PROPS Safety Performance -DESCRIPTION Complete AVATAR model using a UAV system -AUTHOR Ludovic Apvrille (Telecom Paris), Pierre de Saqui-Sannes (ISAE SUPAERO) -IMG UAV.png #FILE usingConstantValues.xml -FEATURES Avatar Design -PROPS Safety -DESCRIPTION Illustrates the use of types and constant in AVATAR design -AUTHOR Ludovic Apvrille (Telecom Paris) -IMG usingConstantValues.png #FILE BroadcastChannels.xml -FEATURES Avatar Design -PROPS Safety -DESCRIPTION Illustrates the use of broadcast channels in AVATAR design -AUTHOR Ludovic Apvrille (Telecom Paris) -IMG BroadcastChannels.png #FILE DataExchange.xml -FEATURES Avatar Design CodeGeneration -PROPS Safety -DESCRIPTION Illustrates how to exchange data between blocks using C code. Beware: this C code is not taken into account by the simulator or the model-checker. -AUTHOR Ludovic Apvrille (Telecom Paris) -IMG DataExchange.png #FILE ExampleADSD.xml -FEATURES Avatar Analysis -PROPS Safety -DESCRIPTION Illustrates how to combine Activity and sequence diagrams to build up complex scenarios -AUTHOR Ludovic Apvrille (Telecom Paris) -IMG ExampleADSD.png #File ITSDemo.xml -FEATURES Diplodocus SysML-Sec Partitioning -PROPS Safety Security Performance -DESCRIPTION this demo was presented at ITS'2017. It Illustrates how to perform a tradeoff between safety, security and performance aspects -AUTHOR Ludovic Apvrille (Telecom Paris), Letitia LI -IMG ITSDemo.png #File Rovers_SPARTA_DIPLO.xml -FEATURES Diplodocus SysML-Sec W-Sec Partitioning -PROPS Safety Security Performance -DESCRIPTION This model features the platform of rovers of a platoon. It was built in the scope of the SPARTA European project. It Illustrates how to perform a tradeoff between safety, security and performance aspects -AUTHOR Bastien Sultan (Telecom Paris), Ludovic Apvrille (Telecom Paris) -IMG Rovers_SPARTA_DIPLO.png #File testPLAN.xml -FEATURES Diplodocus PLAN -PROPS Performance -DESCRIPTION This model features data transfers between tasks. Its goal is to illustrate how contention can affect system simulations. Also, this model is used to evaluate the analysis of simulation traces (PLAN) -AUTHOR Ludovic Apvrille (Telecom Paris) -IMG testPLAN.png #File AliceAndBobHW.xml -FEATURES Diplodocus Security -PROPS Performance Security -DESCRIPTION This model features data transfers between tasks. Its goal is to illustrate how contention can affect system simulations. Also, this model is used to evaluate the analysis of simulation traces (PLAN) -AUTHOR Jawher Jerray, Letitia Li, Ludovic Apvrille (Telecom Paris) -IMG AliceAndBobHW.png #File spynote.xml -FEATURES Security SysML-Sec AttackTrees -PROPS Security -DESCRIPTION This model presets the typical attack tree of the SpyNote malware as described in https://www.fortinet.com/blog/threat-research/android-spynote-moves-to-crypto-currencies -AUTHOR Ludovic Apvrille (Telecom Paris) -IMG spynote.png