Evolution of Security Engineering Artifacts-Reference-Cited by-同舟云学术

Evolution of Security Engineering Artifacts

Published:2014-10 Issue:4 Volume:5 Page:48-98
ISSN:1947-3036
Container-title:International Journal of Secure Software Engineering
language:en
Short-container-title:

Author:

Felderer Michael¹,Katt Basel¹,Kalb Philipp¹,Jürjens Jan²,Ochoa Martín³,Paci Federica⁴,Tran Le Minh Sang⁵,Tun Thein Than⁶,Yskout Koen⁷,Scandariato Riccardo⁷,Piessens Frank⁷,Vanoverberghe Dries⁷,Fourneret Elizabeta⁸,Gander Matthias¹,Solhaug Bjørnar⁹,Breu Ruth¹

Affiliation:

1. Institute of Computer Science, University of Innsbruck, Innsbruck, Austria

2. Department of Software Engineering, Technical University of Dortmund, Dortmund, Germany

3. Department of Software Engineering, Technical University of Munich, Munich, Germany

4. Department of Information Engineering and Computer Science, University of Trento, Trento, Italy

5. Security Research Group, University of Trento, Trento, Italy

6. Department of Computing, The Open University, Milton Keynes, UK

7. iMinds-DistriNet, KU Leuven, Leuven, Belgium

8. SnT Centre, University of Luxembourg, Luxembourg

9. Information and Communication Technology (ICT), SINTEF, Oslo, Norway

Abstract

Security is an important quality aspect of modern open software systems. However, it is challenging to keep such systems secure because of evolution. Security evolution can only be managed adequately if it is considered for all artifacts throughout the software development lifecycle. This article provides state of the art on the evolution of security engineering artifacts. The article covers the state of the art on evolution of security requirements, security architectures, secure code, security tests, security models, and security risks as well as security monitoring. For each of these artifacts the authors give an overview of evolution and security aspects and discuss the state of the art on its security evolution in detail. Based on this comprehensive survey, they summarize key issues and discuss directions of future research.

Publisher

IGI Global

Subject

General Medicine

Reference265 articles.

1. Security analysis and enhancements of computer operating systems

2. Checking threat modeling data flow diagrams for implementation conformance and security

3. Ahmad, A., Jamshidi, P., & Pahl, C. (2012). Pattern-driven reuse in architecture-centric evolution for service software. In 7th international conference on software paradigm trends ICSOFT’2012.

4. Alberts, C. J., & Dorofee, A. J. (2001). OCTAVE Criteria (Tech. Rep. No. CMU/SEI-2001-TR-016). CERT.

5. Towards Systematic Integration of Quality Requirements into Software Architecture

Cited by 9 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Human-centred cyber secure software engineering;Zeitschrift für Arbeitswissenschaft;2022-12-23

2. An Exploratory Study on Regression Vulnerabilities;ACM / IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM);2022-09-19

3. Cybersecurity management for distributed control system: systematic approach;Journal of Ambient Intelligence and Humanized Computing;2021-01-03

4. On the Modeling of Automotive Security: A Survey of Methods and Perspectives;Future Internet;2020-11-16

5. Distributed Control Systems Security for CPS;Studies in Computational Intelligence;2018