A Cause-Based Approach to Preventing Software Vulnerabilities

A
ARES
2008
2008 Third International Conference on Availability, Reliability and Security
Abstract - A Cause-Based Approach to Preventing Software Vulnerabilities

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by David Byers Articles by Nahid Shahmehri

2008 Third International Conference on Availability, Reliability and Security

March 04-March 07

ISBN: 978-0-7695-3102-1

	ASCII Text	x
	David Byers, Nahid Shahmehri, "A Cause-Based Approach to Preventing Software Vulnerabilities," Availability, Reliability and Security, International Conference on, pp. 276-283, 2008 Third International Conference on Availability, Reliability and Security, 2008.

	BibTex	x
	@article{ 10.1109/ARES.2008.12, author = {David Byers and Nahid Shahmehri}, title = {A Cause-Based Approach to Preventing Software Vulnerabilities}, journal ={Availability, Reliability and Security, International Conference on}, volume = {0}, year = {2008}, isbn = {978-0-7695-3102-1}, pages = {276-283}, doi = {http://doi.ieeecomputersociety.org/10.1109/ARES.2008.12}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Availability, Reliability and Security, International Conference on TI - A Cause-Based Approach to Preventing Software Vulnerabilities SN - 978-0-7695-3102-1 SP276 EP283 A1 - David Byers, A1 - Nahid Shahmehri, PY - 2008 KW - Software security KW - Security modeling VL - 0 JA - Availability, Reliability and Security, International Conference on ER -

David Byers

Nahid Shahmehri

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ARES.2008.12

Security is often an afterthought in software development, sometimes even bolted on during deployment or in maintenance through add-on security software and penetrate-and-patch maintenance. We think that security needs to be an integral part of software development and that preventing vulnerabilities by addressing their causes is as important as detecting and fixing them. In this paper we present a method for determining how to prevent vulnerabilities from being introduced during software development. Our method allows developers to select the set of activities that suits them best while being assured that those activities will prevent vulnerabilities.Our method is based on formal modeling of vulnerability causes and is independent of the software development process being used.

Index Terms:

Software security, Security modeling

Citation:

David Byers, Nahid Shahmehri, "A Cause-Based Approach to Preventing Software Vulnerabilities," ares, pp.276-283, 2008 Third International Conference on Availability, Reliability and Security, 2008

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.