{"ID":6023412,"CreatedAt":"2026-07-08T01:00:23.257252134Z","UpdatedAt":"2026-07-10T07:06:49.437437808Z","DeletedAt":null,"paper_url":"https://arxiv.org/abs/2607.05913","arxiv_id":"2607.05913","title":"xDECAF: An Extensible Data Flow Diagram Analysis Framework for Information Security","abstract":"xDECAF is an extensible tool for architecture-based data flow analysis with a focus on information security. It combines an extended data flow diagram metamodel of labeled flows and nodes, a domain-specific constraint language with different flow operations, and a browser-based editor backed by an analysis engine. In this paper, we present the xDECAF tool library and a curated catalog of over 20 example models with documented constraints and expected violations, intended as a reusable dataset for the community. The tool has already been adopted by several research lines, providing concrete evidence of its utility. The tool, dataset, and a hosted online editor are publicly available.","short_abstract":"xDECAF is an extensible tool for architecture-based data flow analysis with a focus on information security. It combines an extended data flow diagram metamodel of labeled flows and nodes, a domain-specific constraint language with different flow operations, and a browser-based editor backed by an analysis engine. In t...","url_abs":"https://arxiv.org/abs/2607.05913","url_pdf":"https://arxiv.org/pdf/2607.05913v1","authors":"[\"Benjamin Arp\",\"Felix Schwickerath\",\"Alexander Vogt\",\"Tom Hüller\",\"Nils Niehues\",\"Nicolas Boltz\"]","published":"2026-07-07T07:08:49Z","proceeding":"cs.SE","tasks":"[\"cs.SE\",\"cs.CR\"]","methods":"[]","has_code":false}
