Experimentation in software engineering
IEEE Transactions on Software Engineering
Pattern-oriented software architecture: a system of patterns
Pattern-oriented software architecture: a system of patterns
Experimentation in software engineering: an introduction
Experimentation in software engineering: an introduction
Empirical Software Engineering
Experiences with ALMA: architecture-level modifiability analysis
Journal of Systems and Software
Preliminary guidelines for empirical research in software engineering
IEEE Transactions on Software Engineering
Software Architecture in Practice
Software Architecture in Practice
Linking usability to software architecture patterns through general scenarios
Journal of Systems and Software - Special issue on: Software architecture - Engineering quality attributes
Security Engineering with Patterns: Origins, Theoretical Models, and New Applications
Security Engineering with Patterns: Origins, Theoretical Models, and New Applications
Elaborating Security Requirements by Construction of Intentional Anti-Models
Proceedings of the 26th International Conference on Software Engineering
ASWEC '06 Proceedings of the Australian Software Engineering Conference
Generalizing a Model of Software Architecture Design from Five Industrial Approaches
WICSA '05 Proceedings of the 5th Working IEEE/IFIP Conference on Software Architecture
A Tool for Managing Software Architecture Knowledge
SHARK-ADI '07 Proceedings of the Second Workshop on SHAring and Reusing architectural Knowledge Architecture, Rationale, and Design Intent
Evaluating Product Line Architectures: Methods and Techniques
APSEC '07 Proceedings of the 14th Asia-Pacific Software Engineering Conference
Making Practical Use of Quality Attribute Information
IEEE Software
Introducing Tool Support for Managing Architectural Knowledge: An Experience Report
ECBS '08 Proceedings of the 15th Annual IEEE International Conference and Workshop on the Engineering of Computer Based Systems
Building Secure Software: How to Avoid Security Problems the Right Way (paperback) (Addison-Wesley Professional Computing Series)
Supporting security sensitive architecture design
QoSA'05 Proceedings of the First international conference on Quality of Software Architectures and Software Quality, and Proceedings of the Second International conference on Software Quality
Assessing the value of architectural information extracted from patterns for architecting
EASE'06 Proceedings of the 10th international conference on Evaluation and Assessment in Software Engineering
Applying empirical software engineering to software architecture: challenges and lessons learned
Empirical Software Engineering
| Hi-index | 0.00 |
Background: We have developed an Architectural Level Security Analysis Framework (ALSAF), which can be used to consider and address security related issues at software architecture level. Goal: Our goal was to empirically assess the usefulness of ALSAF for identifying security attributes and security design patterns for satisfying those attributes during architecture design and evaluation. Assessment approach: The reported assessment was performed with one pilot study and one Quasiexperiment. In the main study, there were 19 software development professionals who participated in the study after attending a training course. The participants were required to identify security attributes and security design patterns suitable for achieving those attributes based on a given list of security properties. One group (control group) was given the textual description of security patterns, attributes, and properties, the other group (treatment group) was given ALSAF as well as the document provided to the control group. The outcome variables were security attributes and security patterns for a Web-based system, whose requirements were provided to the participants. Result: The average score for identifying security attributes for the treatment group was 4.56 and for the control group was 2.60. The difference between the groups was significant using Mann-Whiney test (p=0.011). The average score for identifying the security patterns for the treatment group was 5.78 and for the control group was 2.8. Mann-Whitney test revealed that the difference between the groups was again significant at (p=0.022). Post-study questionnaire revealed that majority of the participants were convinced of the usefulness of ALSAF in identifying and understanding the relationships between security attributes, properties, and patterns for supporting architectural level security analysis. Conclusion: The findings provide an initial evidence to support the claim of the usefulness of ALSAF for supporting security sensitive analysis during architecture design and evaluation.