Graphical Modeling of Security Goals and Software Vulnerabilities

David Byers, Nahid Shahmehri
ISBN13: 9781466663596 | ISBN10: 1466663596 | EISBN13: 9781466663602
DOI: 10.4018/978-1-4666-6359-6.ch001
Cite Chapter

MLA

Byers, David, and Nahid Shahmehri. "Graphical Modeling of Security Goals and Software Vulnerabilities." Handbook of Research on Innovations in Systems and Software Engineering, edited by Vicente García Díaz, et al., IGI Global, 2015, pp. 1-31. https://doi.org/10.4018/978-1-4666-6359-6.ch001

APA

Byers, D. & Shahmehri, N. (2015). Graphical Modeling of Security Goals and Software Vulnerabilities. In V. Díaz, J. Lovelle, & B. García-Bustelo (Eds.), Handbook of Research on Innovations in Systems and Software Engineering (pp. 1-31). IGI Global. https://doi.org/10.4018/978-1-4666-6359-6.ch001

Chicago

Byers, David, and Nahid Shahmehri. "Graphical Modeling of Security Goals and Software Vulnerabilities." In Handbook of Research on Innovations in Systems and Software Engineering, edited by Vicente García Díaz, Juan Manuel Cueva Lovelle, and B. Cristina Pelayo García-Bustelo, 1-31. Hershey, PA: IGI Global, 2015. https://doi.org/10.4018/978-1-4666-6359-6.ch001

Abstract

Security has become recognized as a critical aspect of software development, leading to the development of various security-enhancing techniques, many of which use some kind of custom modeling language. Models in different languages cannot readily be related to each other, which is an obstacle to using several techniques together. The sheer number of languages is, in itself, also an obstacle to adoption by developers. The authors have developed a modeling language that can be used in place of four existing modeling languages: attack trees, vulnerability cause graphs, security activity graphs, and security goal indicator trees. Models in the new language can be transformed to and from the earlier languages, and a precise definition of model semantics enables an even wider range of applications, such as testing and static analysis. This chapter explores this new language.