Software engineering for security: a roadmap
Proceedings of the Conference on The Future of Software Engineering
Use of SBIDA cases for IS projects
Proceedings of the 2000 information resources management association international conference on Challenges of information technology management in the 21st century
Attack net penetration testing
Proceedings of the 2000 workshop on New security paradigms
Building secure software: how to avoid security problems the right way
Building secure software: how to avoid security problems the right way
Writing Secure Code
Web Hacking: Attacks and Defense
Web Hacking: Attacks and Defense
A Formal Architectural Model for Logical Agent Mobility
IEEE Transactions on Software Engineering
SecureUML: A UML-Based Modeling Language for Model-Driven Security
UML '02 Proceedings of the 5th International Conference on The Unified Modeling Language
Proceedings of an Advanced Course on Petri Nets: Central Models and Their Properties, Advances in Petri Nets 1986-Part I
An Approach for Modeling and Analysis of Security System Architectures
IEEE Transactions on Knowledge and Data Engineering
Threat Modeling
Exploiting Software: How to Break Code
Exploiting Software: How to Break Code
Aspect-oriented specification of threat-driven security requirements
International Journal of Computer Applications in Technology
Enabling the adoption of aspects - testing aspects: a risk model, fault model and patterns
Proceedings of the 8th ACM international conference on Aspect-oriented software development
Research on software design level security vulnerabilities
ACM SIGSOFT Software Engineering Notes
Improving functional testing through aspects: a case study
Proceedings of the 10th international conference on Early aspects: current challenges and future directions
Procedural security analysis: A methodological approach
Journal of Systems and Software
Modeling security attacks with statecharts
Proceedings of the joint ACM SIGSOFT conference -- QoSA and ACM SIGSOFT symposium -- ISARCS on Quality of software architectures -- QoSA and architecting critical systems -- ISARCS
Formal analysis of an electronic voting system: An experience report
Journal of Systems and Software
| Hi-index | 0.00 |
This paper presents a formal approach to threat-driven modeling and verification of secure software using aspect-oriented Petri nets. Based on the behavior model of intended functions, we identify and build formal models of security threats, which are potential misuses and anomalies of the intended functions that violate security goals. Threat mitigations are further modeled in an aspect-oriented paradigm. Taking Petri nets as a formal basis for modeling behaviors, threats, and mitigations as a whole, we verify properties of and consistency between behaviors and threats, and absence of identified threats from the integrated model of functions and threat mitigations. This makes it possible to achieve a design that is provably resistant to the anticipated threats and thus reduce significant design-level vulnerabilities.