loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Author: Shouki A. Ebad

Affiliation: Department of Computer Science, Faculty of Science, Northern Border University, Saudi Arabia

Keyword(s): UMLsec, Software Security, Model-based Software Engineering, Adoption.

Abstract: UMLsec is an extended UML-based secure modelling profile. It has been applied at the phase of the software design and architecture. Although it appeared over two decades ago and been integrated into some tools, how extensively it has been adopted or used by the software security community is questionable. This paper employs social science methodologies to fill this gap. The contribution of this study is to find the reasons affecting the UMLsec adoption by software practitioners and researchers and their proposals to increase this adoption. As a result, only 13% of the sample uses UMLsec. In addition, four problems preventing the use of UMLsec, (1) using a pattern-driven security methodology rather than UMLsec (2) agile supportability; agile process reduces the design and architecture documentation including UML diagram (3) UMLsec standardization and tooling is still questionable (4) the awareness and training on use UMLsec are weak. The study also presented proposals for UMLsec impro vement, in particular (1) simplifying the notations to apply UMLsec in many fields (2) raising awareness (e.g., demonstrating practical examples to the interested people). The paper discussed the threats to the validity of the study and suggested open issues for future research. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.145.93.210

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Ebad, S. (2022). An Exploratory Study of Why UMLsec Is Not Adopted. In Proceedings of the 8th International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-553-1; ISSN 2184-4356, SciTePress, pages 357-364. DOI: 10.5220/0010821400003120

@conference{icissp22,
author={Shouki A. Ebad.},
title={An Exploratory Study of Why UMLsec Is Not Adopted},
booktitle={Proceedings of the 8th International Conference on Information Systems Security and Privacy - ICISSP},
year={2022},
pages={357-364},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010821400003120},
isbn={978-989-758-553-1},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 8th International Conference on Information Systems Security and Privacy - ICISSP
TI - An Exploratory Study of Why UMLsec Is Not Adopted
SN - 978-989-758-553-1
IS - 2184-4356
AU - Ebad, S.
PY - 2022
SP - 357
EP - 364
DO - 10.5220/0010821400003120
PB - SciTePress

- Science and Technology Publications, Lda.
RESOURCES

Proceedings

Papers

Authors

Ontology

CONTACTS

Science and Technology Publications, Lda
Avenida de S. Francisco Xavier, Lote 7 Cv. C,
2900-616 Setúbal, Portugal.

Phone: +351 265 520 185 (National fixed network call)
Fax: +351 265 520 186
Email: info@scitepress.org

EXTERNAL LINKS

PRIMORIS

INSTICC

SCITEVENTS

CROSSREF

PROCEEDINGS SUBMITTED FOR INDEXATION BY:

dblp

Ei Compendex

SCOPUS

Semantic Scholar

Google Scholar

Microsoft Academic