Towards improving software security by using simulation to inform requirements and conceptual design

被引：0

作者：

Nutaro, James ^{[1
]}

Allgood, Glenn ^{[2
]}

Kuruganti, Teja ^{[3
]}

机构：

[1] Oak Ridge Natl Lab, Computat Sci & Engn Div, Modeling & Simulat Grp, Oak Ridge, TN 37831 USA

[2] Oak Ridge Natl Lab, One Bethel Valley Rd, Oak Ridge, TN 37831 USA

[3] Oak Ridge Natl Lab, Computat Sci & Engn Div, Oak Ridge, TN 37831 USA

来源：

JOURNAL OF DEFENSE MODELING AND SIMULATION-APPLICATIONS METHODOLOGY TECHNOLOGY-JDMS | 2016年 / 13卷 / 01期

关键词：

Cyber-security; simulation; requirements; design; reliability; supervisory control;

D O I：

10.1177/1548512915591049

中图分类号：

T [工业技术];

学科分类号：

08 ;

摘要：

In this article we illustrate the use of modeling and simulation early in the system life-cycle to improve security and reduce costs. The models that we develop for this illustration are inspired by problems in reliability analysis and supervisory control, for which similar models are used to quantify failure probabilities and rates. In the context of security, we propose that models of this general type can be used to understand trades between risk and cost while writing system requirements and during conceptual design, and thereby significantly reduce the need for expensive security corrections after a system enters operation.

引用

页码：35 / 41

页数：7

共 50 条

[41] Towards development of a decision support tool for conceptual design of wastewater treatment plants using stochastic simulation optimization
Al, Resul
Behera, Chitta Ranjan
Gernaey, Krist V.
Sin, Gurkan
29TH EUROPEAN SYMPOSIUM ON COMPUTER AIDED PROCESS ENGINEERING, PT A, 2019, 46 : 325 - 330
[42] Understanding the effects of requirements volatility in software engineering by using analytical modeling and software process simulation
Ferreira, Susan
Collofello, James
Shunk, Dan
Mackulak, Gerald
JOURNAL OF SYSTEMS AND SOFTWARE, 2009, 82 (10) : 1568 - 1577
[43] Formal analysis and design for engineering security automated derivation of formal software security specifications from goal-oriented security requirements
Hassan, R.
Eltoweissy, M.
Bohner, S.
El-Kassas, S.
IET SOFTWARE, 2010, 4 (02) : 149 - 160
[44] Design of Software Rejuvenation for CPS Security Using Invariant Sets
Romagnoli, Raffaele
Krogh, Bruce H.
Sinopoli, Bruno
2019 AMERICAN CONTROL CONFERENCE (ACC), 2019, : 3740 - 3745
[45] Using Conceptual Structures in the Design of Computer-Based Assessment Software
Priss, Uta
Jensen, Nils
Rod, Oliver
CONCEPTUAL STRUCTURES FOR STEM RESEARCH AND EDUCATION, ICCS 2013, 2013, 7735 : 121 - 134
[46] TOWARDS AN INTEGRATED SUPPORT FOR TRACEABILITY OF QUALITY REQUIREMENTS USING SOFTWARE SPECTRUM ANALYSIS
Kaiya, Haruhiko
Amemiya, Kasuhisa
Shimizu, Yuutarou
Kaijiri, Kenji
ICSOFT 2010: PROCEEDINGS OF THE FIFTH INTERNATIONAL CONFERENCE ON SOFTWARE AND DATA TECHNOLOGIES, VOL 2, 2010, : 187 - 194
[47] Towards improving the security of wireless networks using secured session keys
Amma, N. G. Nageswari
Jayaraj, T.
Amma, N. G. Bhuvaneswari
INFORMATION SECURITY JOURNAL, 2025, 34 (01): : 1 - 14
[48] Classifying software security requirements into confidentiality, integrity, and availability using machine learning approaches
Bagies, Taghreed
PeerJ Computer Science, 2024, 10 : 1 - 20
[49] Analysing Smart Home Security Using Packet Tracer Simulation Software
Aziz, Nur Najihah Abdul
Rechie, Rizzo Mungka Anak
Bakry, Batrisyia B. Mohd
Ab Rahman, Ruhani
Yussoff, Yusnani Mohd
11TH IEEE SYMPOSIUM ON COMPUTER APPLICATIONS & INDUSTRIAL ELECTRONICS (ISCAIE 2021), 2021, : 239 - 244
[50] Design guidelines for using distillation simulation software in the field
Kolmetz, Karl
Mardikar, Asit
Gulati, Harpreet
Ng, Wai Kiong
Lima, Tau Yee
Cheah, Phaik Sim
ASIA-PACIFIC JOURNAL OF CHEMICAL ENGINEERING, 2007, 2 (04) : 308 - 314

← 1 2 3 4 5 →