Object-oriented software engineering
Object-oriented software engineering
ACM Transactions on Programming Languages and Systems (TOPLAS)
SecureUML: A UML-Based Modeling Language for Model-Driven Security
UML '02 Proceedings of the 5th International Conference on The Unified Modeling Language
Model-Based Risk Assessment to Improve Enterprise Security
EDOC '02 Proceedings of the 6th International Enterprise Distributed Object Computing Conference
On the Comprehension of Security Risk Scenarios
IWPC '05 Proceedings of the 13th International Workshop on Program Comprehension
Proofs of Networks of Processes
IEEE Transactions on Software Engineering
Misuse Cases: Use Cases with Hostile Intent
IEEE Software
Secure Systems Development with UML
Secure Systems Development with UML
A graphical approach to risk identification, motivated by empirical investigations
MoDELS'06 Proceedings of the 9th international conference on Model Driven Engineering Languages and Systems
Hi-index | 0.00 |
The CORAS method for security risk analysis provides a customized language, the CORAS diagrams, for threat and risk modelling. In this paper, we extend this language to capture context dependencies, and use it as a means to analyse mutual dependency. We refer to the extension as dependent CORAS diagrams. We define a textual syntax using EBNF and explain how a dependent CORAS diagram may be schematically translated via the textual syntax into a paragraph in English, characterizing its intended meaning. Then we demonstrate the suitability of the language by means of a core example.