The Community for Technology Leaders
2012 Seventh International Conference on Availability, Reliability and Security (2007)
Vienna, Austria
Apr. 10, 2007 to Apr. 13, 2007
ISBN: 0-7695-2775-2
pp: 1017-1025
Per Hakon Meland , SINTEF ICT, Norway
Nahid Shahmehri , Linkopings universitet
Inger Anne Tondel , SINTEF ICT, Norway
David Byers , Linkopings universitet
Shanai Ardi , Linkopings universitet
ABSTRACT
<p>Security has become a necessary part of nearly every software development project, as the overall risk from malicious users is constantly increasing, due to increased consequences of failure, security threats and exposure to threats. There are few projects today where software security can be ignored. Despite this, security is still rarely taken into account throughout the entire software lifecycle; security is often an afterthought, bolted on late in development, with little thought to what threats and exposures exist. Little thought is given to maintaining security in the face of evolving threats and exposures.</p> <p>Software developers are usually not security experts. However, there are methods and tools available today that can help developers build more secure software. Security modeling, modeling of e.g. threats and vulnerabilities, is one such method that, when integrated in the software development process, can help developers prevent security problems in software. We discuss these issues, and present how modeling tools, vulnerability repositories and development tools can be connected to provide support for secure software development.</p>
INDEX TERMS
null
CITATION
Per Hakon Meland, Nahid Shahmehri, Inger Anne Tondel, David Byers, Shanai Ardi, "How can the developer benefit from security modeling?", 2012 Seventh International Conference on Availability, Reliability and Security, vol. 00, no. , pp. 1017-1025, 2007, doi:10.1109/ARES.2007.96
91 ms
(Ver 3.3 (11022016))