Modelling Tool Extension for Vulnerability Management

被引：0

作者：

Shaked, Avi ^{[1
]}

Messe, Nan ^{[2
]}

Melham, Tom ^{[1
]}

机构：

[1] Univ Oxford, Dept Comp Sci, Oxford, England

[2] UT2, IRIT, Toulouse, France

来源：

ACM/IEEE 27TH INTERNATIONAL CONFERENCE ON MODEL DRIVEN ENGINEERING LANGUAGES AND SYSTEMS: COMPANION PROCEEDINGS, MODELS 2024 | 2024年

基金：

“创新英国”项目;

关键词：

Model driven engineering; Threat modelling; Vulnerability management; Security by design;

D O I：

10.1145/3652620.3687791

中图分类号：

TP39 [计算机的应用];

学科分类号：

081203 ; 0835 ;

摘要：

Managing vulnerabilities with respect to the design of systems is essential to securing systems and establishing their trustworthiness. Until now, there has been no modelling tool to support vulnerability management within the context of system design. We present a new, open-source extension of a systems security design and assessment tool. First and foremost, this extension integrates a pertinent vulnerability management domain ontology into the tool's underlying metamodel. Based on the extended metamodel, the enriched tool supports importing information from vulnerability-related knowledge bases as well as capturing new vulnerability information and security rules. This information can then be used in an integrative and scalable form to analyse and reason about the security of systems designs. The extended tool now includes an automated reasoning mechanism for establishing the vulnerability posture of systems designs.

引用

页码：56 / 60

页数：5

共 50 条

[1] A Vulnerability Scanning Tool for Session Management Vulnerabilities
Lukanta, Raymond
Asnar, Yudistira
Kistijantoro, A. Imam
2014 International Conference on Data and Software Engineering (ICODSE), 2014,
[2] Management Petri net - A modelling tool for management systems
Shih, HM
Leung, CKH
INTERNATIONAL JOURNAL OF PRODUCTION RESEARCH, 1997, 35 (06) : 1665 - 1680
[3] BHAM: A Modelling Tool for Bathing Water Management
Brigolin, D.
Pastres, R.
Tonino, M.
Camuffo, M.
Soriani, S.
MEDCOAST 11, VOLS 1 AND 2, 2011, : 671 - +
[4] Fish habitat modelling as a tool for river management
Mouton, Ans M.
Schneider, Matthias
Depestele, Jochen
Goethals, Peter L. M.
De Pauw, Niels
ECOLOGICAL ENGINEERING, 2007, 29 (03) : 305 - 315
[5] Participatory modelling of vulnerability and adaptive capacity in flood risk management
Dagmar Haase
Natural Hazards, 2013, 67 : 77 - 97
[6] Participatory modelling of vulnerability and adaptive capacity in flood risk management
Haase, Dagmar
NATURAL HAZARDS, 2013, 67 (01) : 77 - 97
[7] Vulnerability assessments as a tool for the coastal and marine hazards management: An overview
Rangel-Buitrago, Nelson
Neal, William J.
Bonetti, Jarbas
Anfuso, Giorgio
de Jonge, Victor N.
OCEAN & COASTAL MANAGEMENT, 2020, 189
[8] VULNERABILITY INDEX - A PLANNING TOOL FOR THE PREVENTION OF CLASSROOM MANAGEMENT PROBLEMS
NOLAN, J
EDUCATION, 1991, 111 (04): : 521 - 525
[9] Development and application of a modelling tool to evaluate soil and groundwater vulnerability to pesticide leaching
Galbiati, L
Bouraoui, F
Riparbelli, C
Auteri, D
PESTICIDE IN AIR, PLANT, SOIL & WATER SYSTEM, 2003, : 457 - 466
[10] Comparison of Tool Support for Goal Modelling in Capability Management
Fastnacht, Claas
Koc, Hasan
Nesterenko, Dimitrijs
Sandkuhl, Kurt
ADVANCED INFORMATION SYSTEMS ENGINEERING WORKSHOPS, CAISE 2016, 2016, 249 : 29 - 39

← 1 2 3 4 5 →