The Community for Technology Leaders
The Second International Conference on Availability, Reliability and Security (ARES'07) (2007)
Vienna, Austria
Apr. 10, 2007 to Apr. 13, 2007
ISBN: 0-7695-2775-2
pp: 1017-1025
Shanai Ardi , Linkopings universitet
David Byers , Linkopings universitet
Per Hakon Meland , SINTEF ICT, Norway
Inger Anne Tondel , SINTEF ICT, Norway
Nahid Shahmehri , Linkopings universitet
<p>Security has become a necessary part of nearly every software development project, as the overall risk from malicious users is constantly increasing, due to increased consequences of failure, security threats and exposure to threats. There are few projects today where software security can be ignored. Despite this, security is still rarely taken into account throughout the entire software lifecycle; security is often an afterthought, bolted on late in development, with little thought to what threats and exposures exist. Little thought is given to maintaining security in the face of evolving threats and exposures.</p> <p>Software developers are usually not security experts. However, there are methods and tools available today that can help developers build more secure software. Security modeling, modeling of e.g. threats and vulnerabilities, is one such method that, when integrated in the software development process, can help developers prevent security problems in software. We discuss these issues, and present how modeling tools, vulnerability repositories and development tools can be connected to provide support for secure software development.</p>

P. H. Meland, N. Shahmehri, I. A. Tondel, D. Byers and S. Ardi, "How can the developer benefit from security modeling?," The Second International Conference on Availability, Reliability and Security (ARES'07)(ARES), Vienna, Austria, 2007, pp. 1017-1025.
89 ms
(Ver 3.3 (11022016))