Issue No.04 - July/August (2007 vol.5)
Suvajit Gupta , Cigital
Joel Winstead , Cigital
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2007.100
On a recent project, the authors found informal attack graphs were helpful in the iterative design of a system used to protect sensitive data at a customer site. In this article, they use a snippet from the project's design to illustrate the value of using attack graphs in a secure software development life cycle.
attack graphs, software development, life cycle, software engineering, agile
Suvajit Gupta, Joel Winstead, "Using Attack Graphs to Design Systems", IEEE Security & Privacy, vol.5, no. 4, pp. 80-83, July/August 2007, doi:10.1109/MSP.2007.100