Evolution of Security Engineering Artifacts-Reference-Cited by-同舟云学术

Evolution of Security Engineering Artifacts

Published:2015 Issue: Volume: Page:1508-1562
ISSN:
Container-title:Transportation Systems and Engineering
language:
Short-container-title:

Author:

Felderer Michael¹,Katt Basel¹,Kalb Philipp¹,Jürjens Jan²,Ochoa Martín³,Paci Federica⁴,Tran Le Minh Sang⁴,Tun Thein Than⁵,Yskout Koen⁶,Scandariato Riccardo⁶,Piessens Frank⁶,Vanoverberghe Dries⁶,Fourneret Elizabeta⁷,Gander Matthias¹,Solhaug Bjørnar⁸,Breu Ruth¹

Affiliation:

1. University of Innsbruck, Austria

2. Technical University of Dortmund, Germany

3. Technical University of Munich, Germany

4. University of Trento, Italy

5. The Open University, UK

6. iMinds-DistriNet, KU Leuven, Belgium

7. SnT Centre, University of Luxembourg, Luxembourg

8. SINTEF, Norway

Abstract

Security is an important quality aspect of modern open software systems. However, it is challenging to keep such systems secure because of evolution. Security evolution can only be managed adequately if it is considered for all artifacts throughout the software development lifecycle. This article provides state of the art on the evolution of security engineering artifacts. The article covers the state of the art on evolution of security requirements, security architectures, secure code, security tests, security models, and security risks as well as security monitoring. For each of these artifacts the authors give an overview of evolution and security aspects and discuss the state of the art on its security evolution in detail. Based on this comprehensive survey, they summarize key issues and discuss directions of future research.

Publisher

IGI Global

Reference265 articles.

1. Security analysis and enhancements of computer operating systems

2. Checking threat modeling data flow diagrams for implementation conformance and security

3. Ahmad, A., Jamshidi, P., & Pahl, C. (2012). Pattern-driven reuse in architecture-centric evolution for service software. In 7th international conference on software paradigm trends ICSOFT’2012.

4. Alberts, C. J., & Dorofee, A. J. (2001). OCTAVE Criteria (Tech. Rep. No. CMU/SEI-2001-TR-016). CERT.

5. Towards Systematic Integration of Quality Requirements into Software Architecture