Towards improving software security by using simulation to inform requirements and conceptual design

被引：0

作者：

Nutaro, James ^{[1
]}

Allgood, Glenn ^{[2
]}

Kuruganti, Teja ^{[3
]}

机构：

[1] Oak Ridge Natl Lab, Computat Sci & Engn Div, Modeling & Simulat Grp, Oak Ridge, TN 37831 USA

[2] Oak Ridge Natl Lab, One Bethel Valley Rd, Oak Ridge, TN 37831 USA

[3] Oak Ridge Natl Lab, Computat Sci & Engn Div, Oak Ridge, TN 37831 USA

来源：

JOURNAL OF DEFENSE MODELING AND SIMULATION-APPLICATIONS METHODOLOGY TECHNOLOGY-JDMS | 2016年 / 13卷 / 01期

关键词：

Cyber-security; simulation; requirements; design; reliability; supervisory control;

D O I：

10.1177/1548512915591049

中图分类号：

T [工业技术];

学科分类号：

08 ;

摘要：

In this article we illustrate the use of modeling and simulation early in the system life-cycle to improve security and reduce costs. The models that we develop for this illustration are inspired by problems in reliability analysis and supervisory control, for which similar models are used to quantify failure probabilities and rates. In the context of security, we propose that models of this general type can be used to understand trades between risk and cost while writing system requirements and during conceptual design, and thereby significantly reduce the need for expensive security corrections after a system enters operation.

引用

页码：35 / 41

页数：7

共 50 条

[31] Using simulation-based experiments for software requirements engineering
Lerch, FJ
Ballou, DJ
Harter, DE
ANNALS OF SOFTWARE ENGINEERING, 1997, 3 : 345 - 366
[32] Using Cognitive Load Theory to Inform Simulation Design and Practice
Reedy, Gabriel B.
CLINICAL SIMULATION IN NURSING, 2015, 11 (08) : 355 - 360
[33] Improving Reliability of Spectrum Analysis for Software Quality Requirements Using TCM
Kaiya, Haruhiko
Tanigawa, Masaaki
Suzuki, Shunichi
Sato, Tomonori
Osada, Akira
Kaijiri, Kenji
IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS, 2010, E93D (04): : 702 - 712
[34] E-business security design using process security requirements septet
Nachtigal, S.
SECRYPT 2007: PROCEEDINGS OF THE SECOND INTERNATIONAL CONFERENCE ON SECURITY AND CRYPTOGRAPHY, 2007, : 408 - 413
[35] USING SOFTWARE WITH AI ELEMENTS FOR CONCEPTUAL DESIGN OF MACHINE ELEMENTS
Tiidemann, M.
Kalja, A.
Tiidemann, T.
Tyugu, E.
PROCEEDINGS OF THE 8TH INTERNATIONAL CONFERENCE OF DAAAM BALTIC INDUSTRIAL ENGINEERING, VOLS 1 AND 2, 2012, : 357 - 360
[36] Towards Improving the Security of Mobile Systems using Virtualization and Isolation
Eppler, Jeremias
Wang, Yong
PROCEEDINGS OF THE 2018 FOURTH INTERNATIONAL CONFERENCE ON MOBILE AND SECURE SERVICES (MOBISECSERV), 2018,
[37] Towards using Data to Inform Decisions in Agile Software Development: Views of Available Data
Matthies, Christoph
Hesse, Guenter
ICSOFT: PROCEEDINGS OF THE 14TH INTERNATIONAL CONFERENCE ON SOFTWARE TECHNOLOGIES, 2019, : 552 - 559
[38] Estimating resource requirements at conceptual design stage using neural networks
Elazouni, AM
Nosair, IA
Mohieldin, YA
Mohamed, AG
JOURNAL OF COMPUTING IN CIVIL ENGINEERING, 1997, 11 (04) : 217 - 223
[39] Improving global software development project performance using simulation
Setarnanit, Siri-on
Wakeland, Wayne
Raffo, David
PICMET '07: PORTLAND INTERNATIONAL CENTER FOR MANAGEMENT OF ENGINEERING AND TECHNOLOGY, VOLS 1-6, PROCEEDINGS: MANAGEMENT OF CONVERGING TECHNOLOGIES, 2007, : 2458 - +
[40] Using flow simulation to inform the design and placement of remediation units in rivers
Waite, Stephen J.
Clark, Alys R.
Suresh, Vinod
Singhal, Naresh
Clarke, Richard J.
JOURNAL OF THE ROYAL SOCIETY OF NEW ZEALAND, 2021, 51 (02) : 212 - 241

← 1 2 3 4 5 →