Misuse cases are a way of modeling negative requirements, that is, behaviors that should not occur in a system. In particular, they can be used to model attacks on a system as well as the security mechanisms needed to avoid them. However, like use cases, misuse cases describe requirements in a high-level and informal manner. This means that, whilst they are easy to understand, they do not lend themselves to testing or analysis. In this paper, we present an executable misuse case modeling language which allows modelers to specify misuse case scenarios in a formal yet intuitive way and to execute the misuse case model in tandem with a corresponding use case model. Misuse scenarios are given in executable form and mitigations are captured using aspect-oriented modeling. The technique is useful for brainstorming potential attacks and their mitigations. Furthermore, the use of aspects allows mitigations to be maintained separately from the core system model. The paper, supported by a UML-based modeling tool, describes an application to two case studies, providing evidence that the technique can support red-teaming of security requirements for realistic systems.