Generative secure design, defined
Paper i proceeding, 2018

In software-intensive industries, companies face the constant challenge of not having enough security experts on staff in order to validate the design of the high-complexity projects they run. Many of these companies are now realizing that increasing automation in their secure development process is the only way forward in order to cope with the ultra-large scale of modern systems. This paper embraces that viewpoint. We chart the roadmap to the development of a generative design tool that iteratively produces several design alternatives, each attempting to solve the security goals by incorporating security mechanisms. The tool explores the possible solutions by starting from well-known security techniques and by creating variations via mutations and crossovers. By incorporating user feedback, the tool generates increasingly better design alternatives.

Security

Tool

Design

Författare

Riccardo Scandariato

Göteborgs universitet

Jennifer Horkhoff

Göteborgs universitet

Robert Feldt

Chalmers, Data- och informationsteknik, Software Engineering, Software Engineering for Cyber Psysical Systems

Proceedings - International Conference on Software Engineering

02705257 (ISSN)

Vol. Part F137347 1-4

40th ACM/IEEE International Conference on Software Engineering: New Ideas and Emerging Results, ICSE-NIER 2018
Gothenburg, Sweden,

Ämneskategorier

Design

Programvaruteknik

Människa-datorinteraktion (interaktionsdesign)

DOI

10.1145/3183399.3183400

Mer information

Senast uppdaterat

2019-01-09