Supporting Common Criteria Security Analysis with Problem Frames

Software vendors have to earn their customers' trust through appropriate security functionality in their products. The Common Criteria (ISO/IEC 15408) security standard defines an evaluation process for a software product; applying it produces a set of documents that a certification body can review. Producing this set of documents in a comprehensible form is difficult, because it requires a detailed threat analysis, the elicitation of security objectives, and the selection and implementation of appropriate security measures. Moreover, the standard describes what has to be done in natural language, which leaves room for ambiguity. We propose a model-driven approach to Common Criteria threat analysis and the subsequent security analysis, based on the problem frames security requirements engineering method. Our method contains a UML profile that aligns the concepts and terminology of problem frames with those of the Common Criteria. Furthermore, we provide OCL checks on these models for consistency and reasoning support. In addition, our tool support can transform the information stored in the UML models into natural-language text in LaTeX and HTML format. We illustrate the application of our approach on a smart grid example based on a published Common Criteria protection profile.
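The OCL consistency checks mentioned above are the part of the approach a practitioner can mechanise most directly. The following Python block is an added example, not the paper's UML profile or its OCL: it encodes, as plain functions, the traceability rules that Common Criteria Part 3 (the ASE_OBJ and ASE_REQ assurance families) requires a Security Target or Protection Profile rationale to demonstrate, and runs them on a constructed smart meter gateway model. The threat, assumption, policy and objective identifiers are invented for illustration; the SFR identifiers (FDP_UIT.1, FCS_COP.1, FTP_ITC.1, FAU_GEN.1) are real CC Part 2 component names, but their mapping to these objectives is an assumption of the example and is not taken from any published protection profile.

```python
"""Consistency checks over a Common Criteria security problem definition.

Added example, not from the paper: it models in Python the kind of
traceability rules that the ASE_OBJ / ASE_REQ rationales of a Security
Target or Protection Profile must demonstrate, which a UML/OCL profile can
enforce mechanically. All threat, assumption, OSP and objective names below
are constructed for illustration.
"""
from dataclasses import dataclass


@dataclass
class SecurityProblemDefinition:
    threats: set[str]
    assumptions: set[str]
    policies: set[str]                      # organisational security policies (OSPs)
    toe_objectives: set[str]                # objectives for the TOE (O.*)
    env_objectives: set[str]                # objectives for the environment (OE.*)
    # objective -> threats / assumptions / OSPs it addresses (ASE_OBJ rationale)
    objective_rationale: dict[str, set[str]]
    # TOE objective -> SFR components that meet it (ASE_REQ rationale)
    sfr_rationale: dict[str, set[str]]

    def check(self) -> list[str]:
        """Return the list of violated rules; an empty list means consistent."""
        problems = self.threats | self.assumptions | self.policies
        objectives = self.toe_objectives | self.env_objectives
        covered = set().union(*self.objective_rationale.values()) if self.objective_rationale else set()
        findings: list[str] = []

        # Rule 1: every threat and every OSP is addressed by at least one objective.
        for item in sorted((self.threats | self.policies) - covered):
            findings.append(f"{item} is not addressed by any security objective")

        # Rule 2: assumptions are upheld by environment objectives only; the TOE
        # cannot enforce an assumption about its own environment.
        for a in sorted(self.assumptions):
            upholders = {o for o, tgt in self.objective_rationale.items() if a in tgt}
            if not upholders:
                findings.append(f"{a} is not upheld by any environment objective")
            for o in sorted(upholders & self.toe_objectives):
                findings.append(f"TOE objective {o} claims to uphold assumption {a}")

        # Rule 3: every objective traces back to something in the problem definition,
        # and only to elements that actually exist (no dangling references).
        for o in sorted(objectives):
            targets = self.objective_rationale.get(o, set())
            if not targets:
                findings.append(f"{o} traces to nothing in the security problem definition")
            for t in sorted(targets - problems):
                findings.append(f"{o} references unknown element {t}")

        # Rule 4: every TOE objective is met by at least one SFR; environment
        # objectives are met by the environment, not by SFRs.
        met = {o for o, sfrs in self.sfr_rationale.items() if sfrs}
        for o in sorted(self.toe_objectives - met):
            findings.append(f"TOE objective {o} is not met by any SFR")
        for o in sorted(set(self.sfr_rationale) & self.env_objectives):
            findings.append(f"environment objective {o} must not be mapped to SFRs")
        return findings


def smart_grid_example() -> SecurityProblemDefinition:
    """Constructed, consistent security problem definition for a smart meter gateway."""
    return SecurityProblemDefinition(
        threats={"T.DATA_MODIFICATION", "T.PRIVACY_VIOLATION"},
        assumptions={"A.PHYSICAL_PROTECTION"},
        policies={"P.AUDIT"},
        toe_objectives={"O.INTEGRITY", "O.CONFIDENTIALITY", "O.AUDIT"},
        env_objectives={"OE.PHYSICAL_PROTECTION"},
        objective_rationale={
            "O.INTEGRITY": {"T.DATA_MODIFICATION"},
            "O.CONFIDENTIALITY": {"T.PRIVACY_VIOLATION"},
            "O.AUDIT": {"P.AUDIT"},
            "OE.PHYSICAL_PROTECTION": {"A.PHYSICAL_PROTECTION"},
        },
        sfr_rationale={
            "O.INTEGRITY": {"FDP_UIT.1", "FCS_COP.1"},
            "O.CONFIDENTIALITY": {"FCS_COP.1", "FTP_ITC.1"},
            "O.AUDIT": {"FAU_GEN.1"},
        },
    )


def broken_example() -> SecurityProblemDefinition:
    """The same model with two typical authoring mistakes introduced."""
    spd = smart_grid_example()
    spd.threats.add("T.REPLAY")          # a threat nobody wrote an objective for
    del spd.sfr_rationale["O.AUDIT"]     # an objective left without an SFR
    return spd


if __name__ == "__main__":
    for name, spd in (("consistent", smart_grid_example()), ("broken", broken_example())):
        print(name, spd.check() or "OK")
```

The rules are deliberately coarse: they find missing or dangling traceability, which is what a reviewer spots first in a rationale table, but they cannot judge whether an objective is actually sufficient to counter a threat. That remains an argument in natural language, which is why the paper pairs such checks with generated LaTeX/HTML text rather than replacing the rationale with them.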
