Security and Privacy Requirements Analysis within a Social Setting
RE '03 Proceedings of the 11th IEEE International Conference on Requirements Engineering
Threat Modeling
Eliciting security requirements with misuse cases
Requirements Engineering
Demystifying the Threat-Modeling Process
IEEE Security and Privacy
Software Security: Building Security In
Software Security: Building Security In
Security Requirements Engineering: A Framework for Representation and Analysis
IEEE Transactions on Software Engineering
Experimental comparison of attack trees and misuse cases for security threat identification
Information and Software Technology
Experimental threat model reuse with misuse case diagrams
ICICS'10 Proceedings of the 12th international conference on Information and communications security
Attribute Decoration of Attack-Defense Trees
International Journal of Secure Software Engineering
| Hi-index | 0.00 |
To support software developers in addressing security, we encourage to take advantage of reusable threat models for knowledge sharing and to achieve a general increase in efficiency and quality. This paper presents a controlled experiment with a qualitative evaluation of two approaches supporting threat modelling - reuse of categorised misuse case stubs and reuse of full misuse case diagrams. In both approaches, misuse case threats were coupled with attack trees to give more insight on the attack techniques and how to mitigate them through security use cases. Seven professional software developers from two European software companies took part in the experiment. Participants were able to identify threats and mitigations they would not have identified otherwise. They also reported that both approaches were easy to learn, seemed to improve productivity and that using them were likely to improve their own skills and confidence in the results.