Towards Systematically Addressing Security Variability in Software Product Lines
Title | Towards Systematically Addressing Security Variability in Software Product Lines |
Publication Type | Conference Paper |
Year of Publication | 2016 |
Authors | Sion, Laurens, Van Landuyt, Dimitri, Yskout, Koen, Joosen, Wouter |
Conference Name | Proceedings of the 20th International Systems and Software Product Line Conference |
Date Published | September 2016 |
Publisher | ACM |
Conference Location | New York, NY, USA |
ISBN Number | 978-1-4503-4050-2 |
Keywords | i-o systems security, i/o systems security, io systems security, pubcrawl, Scalability |
Abstract | With the increasingly pervasive role of software in society, security is becoming an important quality concern, emphasizing security by design, but it requires intensive specialization. Security in families of systems is even harder, as diverse variants of security solutions must be considered, with even different security goals per product. Furthermore, security is not a static object but a moving target, adding variability. For this, an approach to systematically address security concerns in software product lines is needed. It should consider security separate from other variability dimensions. The main challenges to realize this are: (i) expressing security and its variability, (ii) selecting the right solution, (iii) properly instantiating a solution, and (iv) verifying and validating it. In this paper, we present our research agenda towards addressing the aforementioned challenges. |
URL | https://dl.acm.org/doi/10.1145/2934466.2966353 |
DOI | 10.1145/2934466.2966353 |
Citation Key | sion_towards_2016 |