- In this paper we introduce a method to apply model-driven ideas to the development of secure systems. Using MDD techniques, our approach, called SecureMDD, provides a possibility to verify the correctness of a system at the modelling stage. To do so, we generate different platformspecific models from one common platform-independent UML model. The considered platforms are JavaCard and a formal model. The formal model is used for the verification of security properties. For the verification results to carry over to the Java(Card) code, these models have to be equivalent with respect to security aspects. This requires complete code generation without the possibility to manually complete the Java(Card) code. To devise such sophisticated models, we extend action elements of activity diagrams. In this paper we focus on the part of our approach which is used to generate secure smartcard code.
