The Community for Technology Leaders
RSS Icon
Subscribe
Philadelphia, PA
Sept. 24, 2006 to Sept. 27, 2006
ISBN: 0-7695-2354-4
pp: 411-422
David Byers , Linkopings universitet, SE-58183 Linkoping, Sweden
Shanai Ardi , Linkopings universitet, SE-58183 Linkoping, Sweden
Nahid Shahmehri , Linkopings universitet, SE-58183 Linkoping, Sweden
Claudiu Duma , Linkopings universitet, SE-58183 Linkoping, Sweden
ABSTRACT
<p>When vulnerabilities are discovered in software, which often happens after deployment, they must be addressed as part of ongoing software maintenance. A mature software development organization should analyze vulnerabilities in order to determine how they, and similar vulnerabilities, can be prevented in the future.</p> <p>In this paper we present a structured method for analyzing and documenting the causes of software vulnerabilities. Applied during software maintenance, the method generates the information needed for improving the software development process, to prevent similar vulnerabilities in future releases.</p> <p>Our approach is based on vulnerability cause graphs, a structured representation of causes of software vulnerabilities.</p>
INDEX TERMS
software security, vulnerability modeling
CITATION
David Byers, Shanai Ardi, Nahid Shahmehri, Claudiu Duma, "Modeling Software VulnerabilitiesWith Vulnerability Cause Graphs", ICSM, 2006, 22nd IEEE International Conference on Software Maintenance, 22nd IEEE International Conference on Software Maintenance 2006, pp. 411-422, doi:10.1109/ICSM.2006.40
69 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool