A Software Security Case Developing Method Based on Hierarchical Argument Strategy

Title: A Software Security Case Developing Method Based on Hierarchical Argument Strategy
Publication Type: Conference Paper
Year of Publication: 2017
Authors: Xu, B., Lu, M., Zhang, D.
Conference Name: 2017 IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C)
Date Published: July
Keywords: argument pattern, argument strategy, asset classification, asset identification, assurance case, composability, hierarchical argument strategy, hierarchical asset-threat-control, hierarchical software security case development method, pattern classification, pubcrawl, Reliability engineering, Safety, Scalability, security, security of data, Software, software assurance, software engineering, software reliability, Stakeholders, threat classification
Abstract

Security cases, which document the rationale for believing that a system is adequately secure, have not been sufficiently used for lack of a practical construction method. This paper presents a hierarchical software security case development method to address this issue. We present a security concept relationship model first, then come up with a hierarchical asset-threat-control measure argument strategy, together with the consideration of an asset classification and threat classification for software security cases. Lastly, we propose 11 software security case patterns and illustrate one of them.

URL: http://ieeexplore.ieee.org/document/8004408/
DOI: 10.1109/QRS-C.2017.124
Citation Key: xu_software_2017