Automating architectural security analysis

In earlier work [1] we looked at implementing the Microsoft STRIDE methodology to evaluate the security properties of FMC/TAM architectural diagrams. A major drawback of this approach is that it requires significant manual work to assess all reported potential threats and to identify concrete follow-ups. Nor does it allow an architecture to be analysed from the perspective of the primary assets that require protection. This led us to two questions: a) whether using interaction information in architecture diagrams, supported by additional security semantics, can reduce the scope of analysis as well as partly automate it; b) whether using asset-centric and attacker-centric perspectives can complement the software-centric perspective of STRIDE and thus add value to the current threat model.