Security Assurance Cases – State of the Art of an Emerging Approach
Artikel i vetenskaplig tidskrift, 2021

Security Assurance Cases (SAC) are a form of structured argumentation used to reason about the security properties of a system. After the successful adoption of assurance cases for safety, SAC are getting significant traction in recent years, especially in safety-critical industries (e.g., automotive), where there is an increasing pressure to be compliant with several security standards and regulations.
Accordingly, research in the field of SAC has flourished in the past decade, with different approaches being investigated.
In an effort to systematize this active field of research, we conducted a systematic literature review (SLR) of the existing academic studies on SAC.
Our review resulted in an in-depth analysis and comparison of 51 papers.
Our results indicate that, while there are numerous papers discussing the importance of SAC and their usage scenarios, the literature is still immature with respect to concrete support for practitioners on how to build and maintain a SAC. More importantly, even though some methodologies are available, their validation and tool support is still lacking.

assurance cases

security

systematic literature review

Författare

Mazen Mohamad

Chalmers, Data- och informationsteknik, Software Engineering, Software Engineering for Cyber Physical Systems

Jan-Philipp Steghöfer

Chalmers, Data- och informationsteknik, Software Engineering, Software Engineering for Testing, Requirements, Innovation and Psychology

Riccardo Scandariato

Chalmers, Data- och informationsteknik, Software Engineering, Software Engineering for Cyber Physical Systems

Empirical Software Engineering

1382-3256 (ISSN) 1573-7616 (eISSN)

CASUS: Konstruktion av IT-säkerhetsunderlag för öppna fordonssystem

VINNOVA, -- .

Ämneskategorier

Programvaruteknik

Datavetenskap (datalogi)

Datorsystem

DOI

10.1007/s10664-021-09971-7

Mer information

Senast uppdaterat

2021-05-04