DFA

The Karlsruhe Data Flow Diagram Analysis — An extensible data flow analysis framework for information security.

41 mentions, 8 contributors, 1121 commits (last commit ≈ 1 week ago), 9 stars, 1 fork

Description

We provide an open-source data flow analysis framework that leverages the power of label propagation to give software architects simple yet powerful means to analyze privacy-related quality properties such as confidentiality. The analysis has been incorporated into the Palladio Software Architecture Simulator and also provides various input and output formats as well as a textual domain-specific language (DSL) for formulating data flow constraints and queries. The research originates from the DSiS group, KASTEL Institute, Karlsruhe Institute of Technology (KIT), and is used in various research projects including KASTEL, ANYMOS, SofDCar, Trust 4.0, and FluidTrust.
The project is driven by Nicolas Boltz, Sebastian Hahner, and Nils Niehues.

Data Flow Analysis

Our analysis uses label propagation to analyze the characteristics of data flows. First, we extract all possible data flows from data flow diagrams or annotated software architecture models. The extracted data flows are represented as Transpose Flow Graphs (TFGs) that contain all relevant information about the characteristics of the flowing data and of its processing, e.g., by components or servers. We propagate these characteristics through the flow graphs and compare the result against pre-formulated constraints to detect violations of confidentiality, or of privacy in general. Exemplary questions are:

  • Does personal data flow to unauthorized locations violating the GDPR?
  • Does data leave an internal server without being encrypted first?
  • Does the access to sensitive data follow Role-based Access Control (RBAC)?
  • Are there any data flows that merge two distinct types of data that would void anonymity?
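To make the propagate-then-check idea concrete, here is an added toy illustration in Python (not the framework's own model, DSL or API). It assumes a constructed transpose flow graph of an online shop: vertices carry a node characteristic (deployment location), data characteristics are propagated to a fixed point along the edges, an edge may attach characteristics to forwarded data (the encryption step), and a constraint is a predicate over the node and data characteristics at each vertex, evaluated here for the first GDPR-style question above.

```python
# Constructed toy transpose flow graph (hypothetical names, not project data).
# Vertex -> node characteristics; edge -> (source, target, labels added to data).
NODES = {
    "User":        {"location": "EU"},
    "Shop":        {"location": "EU"},
    "Encrypt":     {"location": "EU"},
    "Analytics":   {"location": "nonEU"},
    "CloudBackup": {"location": "nonEU"},
}
EDGES = [
    ("User", "Shop", set()),
    ("Shop", "Analytics", set()),          # raw forward to a non-EU service
    ("Shop", "Encrypt", set()),
    ("Encrypt", "CloudBackup", {"Encrypted"}),  # encryption adds a data label
]
INITIAL = {"User": {"Personal"}}  # data characteristics entering the graph


def propagate(nodes, edges, initial):
    """Label propagation: each vertex accumulates the union of all data
    characteristics reaching it; iterate to a fixed point so cycles are safe."""
    labels = {n: set() for n in nodes}
    for n, chars in initial.items():
        labels[n] |= chars
    changed = True
    while changed:
        changed = False
        for src, dst, added in edges:
            incoming = labels[src] | added
            if not incoming <= labels[dst]:
                labels[dst] |= incoming
                changed = True
    return labels


def check(nodes, labels, constraint):
    """Return the vertices whose node/data characteristics violate `constraint`."""
    return sorted(n for n in nodes if not constraint(nodes[n], labels[n]))


def gdpr_ok(node, data):
    """Constraint: personal data may only be processed outside the EU
    if it has been encrypted before leaving."""
    return node["location"] == "EU" or "Personal" not in data or "Encrypted" in data


def analyze():
    """Propagate characteristics over the toy TFG and evaluate the constraint."""
    return check(NODES, propagate(NODES, EDGES, INITIAL), gdpr_ok)
```

Running `analyze()` reports the `Analytics` vertex as a violation, while `CloudBackup` is clean because the data reaching it carries the `Encrypted` label.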
Programming languages
  • Java 96%
  • Python 4%

Participating organisations

Karlsruhe Institute of Technology (KIT)

Contributors

  • Nicolas Boltz
  • Sebastian Hahner
  • Nils Niehues
  • Christopher Gerking
  • Ralf Reussner (Karlsruher Institut für Technologie, FZI Forschungszentrum Informatik)

Related software

Palladio

Palladio is a software architecture simulation approach which analyses software at the model level for performance bottlenecks, scalability issues, reliability threats, and allows for subsequent optimisation.
