Back to the Drawing Board: Bringing security constraints in an architecture-centric software development process
Paper i proceeding, 2018

Today, security is still poorly considered in early phases of software engineering. Architects and software engineers still lack knowledge about architectural security design as well as implementing it compliantly. However, a software system that is not designed for security or does not adhere to this design can hardly meet its security requirements. In this paper, we present an approach we are working on. The approach consists of two parts: Firstly, we improve the architecture’s security level through model transformation. Secondly, we derive rules and constraints from the secured architecture in order to check the implementation’s conformance. Through these activities we aim to support architects and software developers in building a secure software system. We plan to evaluate our approach in industrial case studies.

Security by Design

Security Constraints

Architecture Violations

Secure Software Architecture

Privacy by Design

Architecture Compliance Checking

Software Architecture

Architecture Conformance Checking

Architecture Erosion

Architectural Decay

Författare

Stefanie Jasser

Universität Hamburg

Katja Tuma

Chalmers, Data- och informationsteknik, Software Engineering, Software Engineering for Cyber Physical Systems

Riccardo Scandariato

Chalmers, Data- och informationsteknik, Software Engineering, Software Engineering for Cyber Physical Systems

Matthias Riebisch

Universität Hamburg

ICISSP 2018 - Proceedings of the 4th International Conference on Information Systems Security and Privacy

438-446

e 4th International Conference on Information Systems Security and Privacy (ICISSP 2018)
, ,

Ämneskategorier

Programvaruteknik

Datavetenskap (datalogi)

Datorsystem

DOI

10.5220/0006659904380446

Mer information

Skapat

2020-11-16