Security System in UML Diagrams: A Literature Review

Abstract

Although software artifacts nowadays have a variety of quality attributes, security has become less responsive for a variety of reasons. For example, different organizations have varied definitions of security, and as a result, they implement security metrics differently, making it difficult to determine which attributes should be taken into account when evaluating security. Due to the failure of early security design, secure software development remains a study area in many firms. Several scholars have recently proposed that security engineering be incorporated into the early phases of system modeling. This idea entails using the Unified Modeling Language (UML) for various abstractions of systems. However, the majority of these studies dealt with security injection without considering the creation of security infrastructure, producing code for both functional and non-functional sides simultaneously. This article reviews the most significant studies that attempt to enhance the productivity of software applications and broadly integrate security at every stage of the software development process, as opposed to only the implementation phase.

Country: Iraq

1 Asmaa Hadi Albayati, 2 Taghreed Riyadh Alreffaee, 3 Anfal A. Fadhil

  1. Department of Software, College of Computer Sciences and Mathematics, University of Mosul-Iraq
  2. Department of Software, College of Computer Sciences and Mathematics, University of Mosul-Iraq
  3. Department of Software, College of Computer Sciences and Mathematics, University of Mosul-Iraq

IRJIET, Volume 9, Issue 5, May 2025 pp. 213-222

doi.org/10.47001/IRJIET/2025.905028
