Towards improving software security by using simulation to inform requirements and conceptual design

被引:0
|
作者
Nutaro, James [1 ]
Allgood, Glenn [2 ]
Kuruganti, Teja [3 ]
机构
[1] Oak Ridge Natl Lab, Computat Sci & Engn Div, Modeling & Simulat Grp, Oak Ridge, TN 37831 USA
[2] Oak Ridge Natl Lab, One Bethel Valley Rd, Oak Ridge, TN 37831 USA
[3] Oak Ridge Natl Lab, Computat Sci & Engn Div, Oak Ridge, TN 37831 USA
来源
JOURNAL OF DEFENSE MODELING AND SIMULATION-APPLICATIONS METHODOLOGY TECHNOLOGY-JDMS | 2016年 / 13卷 / 01期
关键词
Cyber-security; simulation; requirements; design; reliability; supervisory control;
D O I
10.1177/1548512915591049
中图分类号
T [工业技术];
学科分类号
08 ;
摘要
In this article we illustrate the use of modeling and simulation early in the system life-cycle to improve security and reduce costs. The models that we develop for this illustration are inspired by problems in reliability analysis and supervisory control, for which similar models are used to quantify failure probabilities and rates. In the context of security, we propose that models of this general type can be used to understand trades between risk and cost while writing system requirements and during conceptual design, and thereby significantly reduce the need for expensive security corrections after a system enters operation.
引用
收藏
页码:35 / 41
页数:7
相关论文
共 50 条
  • [1] A classification approach for software requirements towards maintainable security
    Kadebu, Prudence
    Sikka, Sunil
    Tyagi, Rajesh Kumar
    Chiurunge, Panashe
    SCIENTIFIC AFRICAN, 2023, 19
  • [2] Towards security requirements management for software product lines:: A security domain requirements engineering process
    Mellado, Daniel
    Fernandez-Medina, Eduardo
    Piattini, Mario
    COMPUTER STANDARDS & INTERFACES, 2008, 30 (06) : 361 - 371
  • [3] A System for Seamless Support from Security Requirements Analysis to Security Design Using a Software Security Knowledge Base
    Hazeyama, Atsuo
    Miyahara, Hikaru
    Tanaka, Takafumi
    Washizaki, Hironori
    Kaiya, Haruhiko
    Okubo, Takao
    Yoshioka, Nobukazu
    2019 IEEE 27TH INTERNATIONAL REQUIREMENTS ENGINEERING CONFERENCE WORKSHOPS (REW 2019), 2019, : 134 - 140
  • [4] Towards Developing Security Requirements Modeling for Outsourcing Software Projects
    Hanan, Farahnatasyah Abdul
    Azmi, Nurulhuda Firdaus Mohd
    Zainuddin, Norziha Megat
    Maarop, Nurazean
    Ali, Rosmah
    Yaacob, Suraya
    ADVANCED SCIENCE LETTERS, 2018, 24 (10) : 7240 - 7244
  • [5] Security and design requirements for software-defined VANETs
    Ben Jaballah, Wafa
    Conti, Mauro
    Lal, Chhagan
    COMPUTER NETWORKS, 2020, 169 (169)
  • [6] Software design method enhanced by appended security requirements
    Lee, ES
    Hwang, SM
    ADVANCES IN MULTIMEDIA INFORMATION PROCESSING - PCM 2004, PT 1, PROCEEDINGS, 2004, 3331 : 578 - 585
  • [7] A Conceptual Framework for Improving the Software Security of Self- Driven Vehicles
    Yadav, Anurag
    Gupta, Himanshu
    Khatri, Sunil Kumar
    PROCEEDINGS 2019 AMITY INTERNATIONAL CONFERENCE ON ARTIFICIAL INTELLIGENCE (AICAI), 2019, : 893 - 897
  • [8] Towards the formalization of non-functional requirements in conceptual design
    Shankar, Prabhu
    Morkos, Beshoy
    Yadav, Darshan
    Summers, Joshua D.
    RESEARCH IN ENGINEERING DESIGN, 2020, 31 (04) : 449 - 469
  • [9] Towards the formalization of non-functional requirements in conceptual design
    Prabhu Shankar
    Beshoy Morkos
    Darshan Yadav
    Joshua D. Summers
    Research in Engineering Design, 2020, 31 : 449 - 469
  • [10] Towards a Security Requirements Management Framework for Open-Source Software
    Wang, Wentao
    2018 IEEE 26TH INTERNATIONAL REQUIREMENTS ENGINEERING CONFERENCE (RE 2018), 2018, : 478 - 483
12345