Integrating risk assessment and threat modeling within the SDLC process

Risk assessment and threat modeling are conducted for different purposes; integrating the two processes limits the risk carried by a software-based system. Incorporating security into every phase of the software development life cycle (SDLC) is a tedious task in many organizations, yet roughly 50% of software defects can be identified and detected in the design phase, and most security attacks target the application layer. This paper explains the combined use of risk assessment and a threat model to understand the security risk of an application. We also discuss how the model identifies threats and how to frame threat prioritization per threat category. Finally, we recommend raising the attacker's perceived risk of detection and creating a fair environment, so as to reduce the likelihood that attackers commit criminal acts.
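
The following is an added worked example, not code from the paper, showing one way to attach a risk assessment to a threat model so that threats can be prioritized per category and a design-phase gate can be enforced. It assumes Microsoft's STRIDE categories, a 1..5 likelihood and impact scale with risk = likelihood x impact, and a constructed sample threat register for a hypothetical web application; the paper's own scoring scheme and thresholds may differ.

```python
from dataclasses import dataclass
from enum import Enum
from collections import defaultdict


class Stride(Enum):
    """Threat categories from Microsoft's STRIDE model (assumed here as the category scheme)."""
    SPOOFING = "Spoofing"
    TAMPERING = "Tampering"
    REPUDIATION = "Repudiation"
    INFO_DISCLOSURE = "Information disclosure"
    DOS = "Denial of service"
    EOP = "Elevation of privilege"


@dataclass
class Threat:
    id: str
    category: Stride
    component: str        # data-flow-diagram element the threat applies to
    likelihood: int       # 1 (rare) .. 5 (almost certain)  -- assumed scale
    impact: int           # 1 (negligible) .. 5 (severe)     -- assumed scale
    mitigated: bool = False

    def __post_init__(self):
        for name in ("likelihood", "impact"):
            value = getattr(self, name)
            if not 1 <= value <= 5:
                raise ValueError(f"{name} must be in 1..5, got {value}")


def risk_score(t: Threat) -> int:
    """Risk assessment step: likelihood x impact on a 1..25 scale; mitigated threats carry no residual risk."""
    return 0 if t.mitigated else t.likelihood * t.impact


def prioritize(threats):
    """Order open threats by descending risk; ties broken by higher impact, then stable by id."""
    open_threats = (t for t in threats if not t.mitigated)
    return sorted(open_threats, key=lambda t: (-risk_score(t), -t.impact, t.id))


def risk_by_category(threats):
    """Aggregate residual risk per STRIDE category: total score, worst single threat, and count."""
    agg = defaultdict(lambda: {"total": 0, "max": 0, "count": 0})
    for t in threats:
        score = risk_score(t)
        entry = agg[t.category]
        entry["total"] += score
        entry["max"] = max(entry["max"], score)
        entry["count"] += 1
    return dict(agg)


def category_priority(threats):
    """Rank categories by total residual risk, then by their worst threat, then by name."""
    ranked = sorted(
        risk_by_category(threats).items(),
        key=lambda kv: (-kv[1]["total"], -kv[1]["max"], kv[0].value),
    )
    return [category for category, _ in ranked]


def design_gate(threats, threshold: int = 12):
    """Ids of open threats at or above the threshold; these block exit from the design phase (threshold is assumed)."""
    return [t.id for t in prioritize(threats) if risk_score(t) >= threshold]


# Constructed sample threat register for a hypothetical web application (not from the paper).
SAMPLE_THREATS = [
    Threat("T1", Stride.SPOOFING, "login form", likelihood=4, impact=4),          # credential stuffing
    Threat("T2", Stride.TAMPERING, "order API", likelihood=3, impact=5),          # client-side price manipulation
    Threat("T3", Stride.INFO_DISCLOSURE, "error pages", likelihood=5, impact=2),  # stack traces leaked to users
    Threat("T4", Stride.DOS, "search endpoint", likelihood=2, impact=3),          # unbounded query cost
    Threat("T5", Stride.EOP, "admin panel", likelihood=2, impact=5),              # missing role check
    Threat("T6", Stride.REPUDIATION, "audit log", likelihood=3, impact=3, mitigated=True),
]


if __name__ == "__main__":
    for t in prioritize(SAMPLE_THREATS):
        print(f"{t.id} {t.category.value:<22} {t.component:<16} risk={risk_score(t)}")
    print("category order:", [c.value for c in category_priority(SAMPLE_THREATS)])
    print("blocking design gate:", design_gate(SAMPLE_THREATS))
```

Threats with equal risk scores are ordered by impact first, so a low-likelihood but severe privilege-escalation issue ranks above a noisy but low-impact information leak; the per-category view is what lets a team see which STRIDE class dominates the residual risk of the design rather than only the top individual findings.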
