loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Authors: Monica Buitrago 1 ; Isabelle Borne 1 and Jérémy Buisson 2

Affiliations: 1 IRISA, Université de Bretagne Sud, France ; 2 CRéA,École de l’Air et de l’Espace, France

Keyword(s): Software Architecture, Security-by-Design, Metric, Security, Model-Based Engineering.

Abstract: Security-by-design considers security throughout the whole development lifecycle, to detect and fix potential issues as early as possible. With this approach, the software architect should assess some security level of the software architecture, to predict whether the software under development will have security issues. Previous works proposed several metrics to measure the attack surface, the attackability, and the satisfaction of security requirements on the software architecture. However, proving the correlation between these metrics and security is far from trivial. To circumvent this difficulty, we propose new metrics rooted in CWE, NIST guidelines and security patterns. So, our four novel metrics measure the conformance of the software architecture to these acknowledged security-related recommendations. The usage of our metrics is evaluated with case studies.

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.149.28.185

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Buitrago, M.; Borne, I. and Buisson, J. (2024). Model-Based Assessment of Conformance to Acknowledged Security-Related Software Architecture Good Practices. In Proceedings of the 12th International Conference on Model-Based Software and Systems Engineering - MODELSWARD; ISBN 978-989-758-682-8; ISSN 2184-4348, SciTePress, pages 117-124. DOI: 10.5220/0012312400003645

@conference{modelsward24,
author={Monica Buitrago. and Isabelle Borne. and Jérémy Buisson.},
title={Model-Based Assessment of Conformance to Acknowledged Security-Related Software Architecture Good Practices},
booktitle={Proceedings of the 12th International Conference on Model-Based Software and Systems Engineering - MODELSWARD},
year={2024},
pages={117-124},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012312400003645},
isbn={978-989-758-682-8},
issn={2184-4348},
}

TY - CONF

JO - Proceedings of the 12th International Conference on Model-Based Software and Systems Engineering - MODELSWARD
TI - Model-Based Assessment of Conformance to Acknowledged Security-Related Software Architecture Good Practices
SN - 978-989-758-682-8
IS - 2184-4348
AU - Buitrago, M.
AU - Borne, I.
AU - Buisson, J.
PY - 2024
SP - 117
EP - 124
DO - 10.5220/0012312400003645
PB - SciTePress