{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,3]],"date-time":"2025-07-03T04:05:39Z","timestamp":1751515539705,"version":"3.41.0"},"reference-count":38,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2018,3,6]],"date-time":"2018-03-06T00:00:00Z","timestamp":1520294400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"funder":[{"DOI":"10.13039\/100010669","name":"H2020 LEIT Information and Communication Technologies","doi-asserted-by":"publisher","award":["644080"],"award-info":[{"award-number":["644080"]}],"id":[{"id":"10.13039\/100010669","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Comput Virol Hack Tech"],"published-print":{"date-parts":[[2018,11]]},"DOI":"10.1007\/s11416-018-0317-y","type":"journal-article","created":{"date-parts":[[2018,3,6]],"date-time":"2018-03-06T02:06:18Z","timestamp":1520301978000},"page":"269-289","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Verifying data secure flow in AUTOSAR models"],"prefix":"10.1007","volume":"14","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-1604-4465","authenticated-orcid":false,"given":"Cinzia","family":"Bernardeschi","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Marco","family":"Di Natale","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Gianluca","family":"Dini","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Maurizio","family":"Palmieri","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2018,3,6]]},"reference":[{"key":"317_CR1","doi-asserted-by":"publisher","first-page":"27","DOI":"10.1007\/3-540-28428-1_3","volume-title":"Embedded Security in Cars","author":"A Adelsbach","year":"2006","unstructured":"Adelsbach, A., Huber, U., Sadeghi, A.: Secure software delivery and installation in embedded systems. In: Lemke, K., Paar, C., Wolf, M. (eds.) Embedded Security in Cars, pp. 27\u201349. Springer, Berlin (2006)"},{"key":"317_CR2","unstructured":"AUTOSAR: https:\/\/www.autosar.org\/"},{"key":"317_CR3","unstructured":"AUTOSAR: General Requirements on Basic Software Modules. https:\/\/www.autosar.org\/fileadmin\/user_upload\/standards\/classic\/3-2\/AUTOSAR_SRS_General.pdf"},{"key":"317_CR4","unstructured":"AUTOSAR: Safety Use Case Example. https:\/\/www.autosar.org\/fileadmin\/user_upload\/standards\/classic\/4-3\/AUTOSAR_EXP_SafetyUseCase.pdf"},{"key":"317_CR5","unstructured":"AUTOSAR: Specification of Crypto Abstraction Library. https:\/\/www.autosar.org\/fileadmin\/user_upload\/standards\/classic\/4-1\/AUTOSAR_SWS_CryptoAbstractionLibrary.pdf"},{"key":"317_CR6","unstructured":"AUTOSAR: Specification of Crypto Service Manager. https:\/\/www.autosar.org\/fileadmin\/user_upload\/standards\/classic\/4-1\/AUTOSAR_SWS_CryptoServiceManager.pdf"},{"key":"317_CR7","unstructured":"AUTOSAR: Specification of Module Secure Onboard Communication. https:\/\/www.autosar.org\/fileadmin\/user_upload\/standards\/classic\/4-3\/AUTOSAR_SWS_SecureOnboardCommunication.pdf"},{"issue":"11","key":"317_CR8","doi-asserted-by":"publisher","first-page":"24792493","DOI":"10.1016\/j.jss.2012.05.061","volume":"85","author":"M Avvenuti","year":"2012","unstructured":"Avvenuti, M., Bernardeschi, C., De Francesco, N., Masci, P.: Jcsi: a tool for checking secure information flow in java card applications. J. Syst. Softw. 85(11), 24792493 (2012)","journal-title":"J. Syst. Softw."},{"key":"317_CR9","unstructured":"Banerjee, A., Naumann, D.A.: Secure information flow and pointer confinement in a java-like language. In: Proceedings of the 15th IEEE Workshop on Computer Security Foundations, CSFW\u201902, p. 253, Washington, DC, USA (2002)"},{"issue":"2","key":"317_CR10","doi-asserted-by":"publisher","first-page":"101","DOI":"10.1016\/S0020-0190(02)00219-3","volume":"83","author":"R Barbuti","year":"2002","unstructured":"Barbuti, R., Bernardeschi, C., De Francesco, N.: Abstract interpretation of operational semantics for secure information flow. Inf. Process. Lett. 83(2), 101\u2013108 (2002)","journal-title":"Inf. Process. Lett."},{"key":"317_CR11","doi-asserted-by":"crossref","unstructured":"Bell, D.E., LaPadula, L.J.: Secure Computer Systems: Mathematical Foundation. In: MITRE Technical Report 2547, Volume I (1996)","DOI":"10.3233\/JCS-1996-42-308"},{"issue":"13","key":"317_CR12","doi-asserted-by":"publisher","first-page":"1225","DOI":"10.1002\/spe.611","volume":"34","author":"C Bernardeschi","year":"2004","unstructured":"Bernardeschi, C., De Francesco, N., Lettieri, G., Martini, L.: Checking secure information flow in java bytecode by code transformation and standard bytecode verification. Softw. Pract. Exp. 34(13), 1225\u20131255 (2004)","journal-title":"Softw. Pract. Exp."},{"key":"317_CR13","doi-asserted-by":"publisher","first-page":"101","DOI":"10.1007\/978-3-319-47605-6_8","volume-title":"International Working on Modelling and Simulation for Autonomous Systems","author":"C Bernardeschi","year":"2016","unstructured":"Bernardeschi, C., Del Vigna, G., Di Natale, M., Dini, G., Varano, D.: Using autosar high-level specifications for the synthesis of security components in automotive systems. In: Hodicky, J. (ed.) International Working on Modelling and Simulation for Autonomous Systems, pp. 101\u2013117. Springer, Berlin (2016)"},{"key":"317_CR14","doi-asserted-by":"crossref","unstructured":"Bernardeschi, C., Di Natale, M., Dini, G., Varano, D.: Modeling and generation of secure component communications in autosar. In: The 32nd ACM SIGAPP Symposium On Applied Computing. ACM (2017)","DOI":"10.1145\/3019612.3019682"},{"key":"317_CR15","unstructured":"Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., Savage, S., Koscher, K., Czeskis, A., Roesner, F., Kohno, T., et al.: Comprehensive experimental analyses of automotive attack surfaces. In: USENIX Security Symposium. San Francisco (2011)"},{"issue":"2","key":"317_CR16","doi-asserted-by":"publisher","first-page":"511","DOI":"10.1093\/logcom\/2.4.511","volume":"4","author":"P Cousot","year":"1992","unstructured":"Cousot, P., Cousot, R.: Abstract interpretation frameworks. J. Logic Comput. 4(2), 511\u2013547 (1992)","journal-title":"J. Logic Comput."},{"issue":"20","key":"317_CR17","doi-asserted-by":"publisher","first-page":"504","DOI":"10.1145\/359636.359712","volume":"7","author":"PJ Denning","year":"1977","unstructured":"Denning, P.J., Denning, D.E.: Certification of programs for secure information flow. Commun. ACM 7(20), 504\u2013513 (1977)","journal-title":"Commun. ACM"},{"key":"317_CR18","unstructured":"IBM: Rational Rhapsody. https:\/\/www.ibm.com\/us-en\/marketplace\/rational-rhapsody\/details"},{"key":"317_CR19","doi-asserted-by":"publisher","first-page":"412","DOI":"10.1007\/3-540-45800-X_32","volume-title":"UML 2002\u2013The Unified Modeling Language","author":"J J\u00fcrjens","year":"2002","unstructured":"J\u00fcrjens, J.: UMLsec: extending UML for secure systems development. In: J\u00e9z\u00e9quel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002\u2013The Unified Modeling Language, pp. 412\u2013425. Springer, Berlin (2002)"},{"key":"317_CR20","doi-asserted-by":"crossref","unstructured":"Kehr, S., Pani, M., Quiones, E., Bddeker, B., Sandoval, J.B., Abella, J., Cazorla, F.J., Schfer, G.: Supertask: maximizing runnable-level parallelism in autosar applications. In: 2016 Design, Automation Test in Europe Conference Exhibition (DATE), pp. 25\u201330 (2016)","DOI":"10.3850\/9783981537079_0078"},{"key":"317_CR21","doi-asserted-by":"crossref","unstructured":"Kienberger, J., Minnerup, P., Kuntz, S., Bauer, B.: Analysis and validation of autosar models. In: Proceedings of the 2Nd International Conference on Model-Driven Engineering and Software Development, MODELSWARD 2014, pp. 274\u2013281, Portugal (2014)","DOI":"10.5220\/0004701002740281"},{"key":"317_CR22","doi-asserted-by":"crossref","unstructured":"Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., et al.: Experimental security analysis of a modern automobile. In: 2010 IEEE Symposium on Security and Privacy (SP), pp. 447\u2013462. IEEE (2010)","DOI":"10.1109\/SP.2010.34"},{"key":"317_CR23","doi-asserted-by":"crossref","unstructured":"Leino, K.R.M., Joshi, R.: A semantic approach to secure information flow. In: Proceedings of the 4th International Conference, Mathematics of Program Construction, LNCS 1422, pp. 254\u2013271. Springer, Berlin (1998)","DOI":"10.1007\/BFb0054294"},{"key":"317_CR24","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-28428-1","volume-title":"Embedded Security in Cars","author":"K Lemke","year":"2006","unstructured":"Lemke, K., Paar, C., Wolf, M.: Embedded Security in Cars. Springer, Berlin (2006)"},{"key":"317_CR25","doi-asserted-by":"crossref","unstructured":"Lin, C., Sangiovanni-Vincentelli, A.: Cyber-security for the controller area network (can) communication protocol. In: 2012 International Conference on Cyber Security, pp. 1\u20137. IEEE (2012)","DOI":"10.1109\/CyberSecurity.2012.7"},{"key":"317_CR26","doi-asserted-by":"publisher","first-page":"426","DOI":"10.1007\/3-540-45800-X_33","volume-title":"\u226aUML\u226b 2002 \u2014 The Unified Modeling Language","author":"Torsten Lodderstedt","year":"2002","unstructured":"Lodderstedt, T., Basin, D., Doser, J.: SecureUML: A UML-based modeling language for model-driven security. In: UML 2002\u2014The Unified Modeling Language 2002, pp. 426\u2013441. Springer, Berlin (2002)"},{"issue":"3","key":"317_CR27","doi-asserted-by":"publisher","first-page":"142","DOI":"10.1007\/s00502-015-0301-x","volume":"132","author":"G Macher","year":"2015","unstructured":"Macher, G., Stolz, M., Armengaud, E., Kreiner, C.: Filling the gap between automotive systems, safety, and software engineering. e & i Elektrotechnik und Informationstechnik 132(3), 142\u2013148 (2015)","journal-title":"e & i Elektrotechnik und Informationstechnik"},{"key":"317_CR28","unstructured":"MISRA: Guidelines for the Use of the C Language in Vehicle Based Software. Motor Industry Research Association, Nuneaton (1998)"},{"issue":"1","key":"317_CR29","doi-asserted-by":"publisher","first-page":"727","DOI":"10.1007\/BF03180570","volume":"4","author":"D Mizuno","year":"1992","unstructured":"Mizuno, D., Schmidt, M.: A security flow control algorithm and its denotational semantics correctness proof. Form. Asp. Comput. 4(1), 727\u2013754 (1992)","journal-title":"Form. Asp. Comput."},{"key":"317_CR30","doi-asserted-by":"crossref","unstructured":"Pani, M., Kehr, S., Quiones, E., Boddecker, B., Abella, J., Cazorla, F.J.: Runpar: An allocation algorithm for automotive applications exploiting runnable parallelism in multicores. In: 2014 International Conference on Hardware\/Software Codesign and System Synthesis (CODES+ISSS), pp. 1\u201310 (2014)","DOI":"10.1145\/2656075.2656096"},{"key":"317_CR31","first-page":"707","volume-title":"Data-Flow Based Model Analysis and Its Applications","author":"C Saad","year":"2013","unstructured":"Saad, C., Bauer, B.: Model-Driven Engineering Languages and Systems. MODELS 2013. Lecture Notes in Computer Science. In: Moreira, A., Sch\u00e4tz, B., Gray, J., Vallecillo, A., Clarke, P. (eds.) Data-Flow Based Model Analysis and Its Applications, vol. 8107, pp. 707\u2013723. Springer, Berlin (2013)"},{"key":"317_CR32","doi-asserted-by":"crossref","unstructured":"Saadatmand, M., Leveque, T.: Modeling security aspects in distributed real-time component-based embedded systems. In: 2012 Ninth International Conference on Information Technology: New Generations (ITNG), pp. 437\u2013444. IEEE (2012)","DOI":"10.1109\/ITNG.2012.103"},{"issue":"1","key":"317_CR33","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1109\/JSAC.2002.806121","volume":"21","author":"A Sabelfeld","year":"2003","unstructured":"Sabelfeld, A., Mayers, A.C.: Language-based information-flow security. IEEE J. Sel. Areas Commun. 21(1), 5\u201319 (2003)","journal-title":"IEEE J. Sel. Areas Commun."},{"key":"317_CR34","first-page":"40","volume-title":"A Per Model of Secure Information Flow in Sequential Programs","author":"A Sabelfeld","year":"1999","unstructured":"Sabelfeld, A., Sands, D.: Programming Languages and Systems. ESOP 1999. Lecture Notes in Computer Science. In: Swierstra, S.D. (ed.) A Per Model of Secure Information Flow in Sequential Programs, vol. 1576, pp. 40\u201358. Springer, Berlin (1999)"},{"key":"317_CR35","doi-asserted-by":"publisher","first-page":"17","DOI":"10.1007\/3-540-28428-1_2","volume-title":"Embedded Security in Cars","author":"W Stephan","year":"2006","unstructured":"Stephan, W., Richter, S., Muller, M.: Aspects of secure vehicle software flashing. In: Lemke, K., Paar, C., Wolf, M. (eds.) Embedded Security in Cars, pp. 17\u201326. Springer, Berlin (2006)"},{"issue":"3","key":"317_CR36","first-page":"167","volume":"4","author":"D Volpano","year":"1992","unstructured":"Volpano, D., Smith, G., Irvine, C.: A Sound Type System for Secure Flow Analysis. J. Comput. Secur. 4(3), 167\u2013187 (1992)","journal-title":"J. Comput. Secur."},{"issue":"1","key":"317_CR37","doi-asserted-by":"publisher","first-page":"80","DOI":"10.1109\/MM.2013.18","volume":"33","author":"AM Wyglinski","year":"2013","unstructured":"Wyglinski, A.M., Huang, X., Padir, T., Lai, L., Eisenbarth, T.R., Venkatasubramanian, K.: Security of autonomous systems employing embedded computing and sensors. Micro IEEE 33(1), 80\u201386 (2013)","journal-title":"Micro IEEE"},{"key":"317_CR38","doi-asserted-by":"crossref","unstructured":"Zdancewic, S., Myers, A.C.: Secure information flow and cps. In: Proceedings of the 10th European Symposium on Programming Languages and Systems, ESOP\u201901, pp. 46\u201361, London, UK (2001)","DOI":"10.1007\/3-540-45309-1_4"}],"container-title":["Journal of Computer Virology and Hacking Techniques"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s11416-018-0317-y\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-018-0317-y.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-018-0317-y.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,2]],"date-time":"2025-07-02T10:35:42Z","timestamp":1751452542000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s11416-018-0317-y"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,3,6]]},"references-count":38,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2018,11]]}},"alternative-id":["317"],"URL":"https:\/\/doi.org\/10.1007\/s11416-018-0317-y","relation":{},"ISSN":["2263-8733"],"issn-type":[{"type":"electronic","value":"2263-8733"}],"subject":[],"published":{"date-parts":[[2018,3,6]]},"assertion":[{"value":"10 July 2017","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"5 February 2018","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"6 March 2018","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}