Generative secure design, defined
Paper in proceeding, 2018

In software-intensive industries, companies face the constant challenge of not having enough security experts on staff in order to validate the design of the high-complexity projects they run. Many of these companies are now realizing that increasing automation in their secure development process is the only way forward in order to cope with the ultra-large scale of modern systems. This paper embraces that viewpoint. We chart the roadmap to the development of a generative design tool that iteratively produces several design alternatives, each attempting to solve the security goals by incorporating security mechanisms. The tool explores the possible solutions by starting from well-known security techniques and by creating variations via mutations and crossovers. By incorporating user feedback, the tool generates increasingly better design alternatives.

Security

Tool

Design

Author

Riccardo Scandariato

University of Gothenburg

Jennifer Horkhoff

University of Gothenburg

Robert Feldt

Chalmers, Computer Science and Engineering (Chalmers), Software Engineering (Chalmers)

Proceedings - International Conference on Software Engineering

02705257 (ISSN)

Vol. Part F137347 1-4

40th ACM/IEEE International Conference on Software Engineering: New Ideas and Emerging Results, ICSE-NIER 2018
Gothenburg, Sweden,

Subject Categories

Design

Software Engineering

Human Computer Interaction

DOI

10.1145/3183399.3183400

More information

Latest update

1/9/2019 1