Guest Editors' Introduction: Special Section on Software Engineering for Secure Systems

The proliferation of computers in society has meant that organizational and personal assets are increasingly stored and manipulated by software systems. The scale of misuse of these assets has also increased because of their worldwide accessibility through the Internet and the automation of systems. Security is concerned with the prevention of such misuse. While no system can be made completely secure, understanding the context in which a system will be deployed and used, the risks and threats of its misuse, and the systematic development of its software are increasingly recognized as critical to its success. The cross-fertilization of systems development techniques from software engineering and security engineering offers opportunities to minimize duplication of research efforts in both areas and, more importantly, to bridge gaps in our knowledge of how to develop secure software-intensive systems.

The aim of this special issue is to publish novel research work that draws upon software engineering to develop secure systems more effectively. Its scope covers the processes, techniques, technology, people, and knowledge bases that have, or need, the capability to contribute to producing more secure software-intensive systems.

In response to the call for papers for this special section, we received 41 submissions on software engineering issues addressing the requirements, design, coding, testing, and maintenance of secure software systems. Each paper was reviewed by at least three expert referees. After two rounds of reviewing, we selected six papers that focus on the requirements and design of secure software. The first two papers address both security and privacy requirements, making use of varying degrees of formalism to represent and analyze those requirements.
“Analyzing Regulatory Rules for Privacy and Security Requirements” by Travis Breaux and Annie Anton addresses the often overwhelming complexity of regulatory requirements for financial, healthcare, and other software. The formalism and process presented glean enforceable security policy directly from the regulatory statutes.

“Privately Finding Specifications” by Westley Weimer and Nina Mishra deals with one of the daunting realities of data sharing: the fact that it is often an all-or-nothing proposition. This paper describes an attempt to mitigate oversharing in the discovery of software specifications by perturbing program traces. The careful addition of noise to the traces allows specification discovery while preventing the exposure of other sensitive aspects of the program.

The next three papers consider how the design of software systems can be realized through security infrastructure. “Semantics-Based Design for Secure Web Services” by Massimo Bartoletti, Pierpaolo Degano, Gian Luigi Ferrari, and Roberto Zunino considers how to develop secure Web services by formally reasoning about policy compliance over historical behaviors. In essence, Web services “contract” (compose) with those systems that respect the policies of interest, thereby ensuring globally secure behavior.

“Provable Protection against Web Application Vulnerabilities Related to Session Data Dependencies” by Lieven Desmet, Pierre Verbaeten, Wouter Joosen, and Frank Piessens acknowledges recent advances in secure Web application design and development that have made online systems safer. The techniques detailed in this paper prevent misuse of the often loosely coupled session dependencies within and among Web applications.
“WASP: Protecting Web Applications Using Positive Tainting and Syntax-Aware Evaluation” by William Halfond, Alessandro Orso, and Panagiotis Manolios presents a novel method for preventing SQL injection attacks—attacks in which the adversary inserts arbitrary database query code into an application by manipulating input strings. The paper uses language techniques to dynamically annotate “trusted” strings, thereby avoiding any use of potentially unsafe strings.

The final paper presents a method of certifying that a software system meets its security requirements. “Applying Formal Methods to a Certifiably Secure Software System” by Connie Heitmeyer, Myla Archer, Elizabeth Leonard, and John McLean adds to recent advances that are beginning to make the costly and complex process of formal verification tractable. This paper presents a novel certification method that uses formalized security models to construct a mechanized proof of security over a real-world target system.

The papers in this special section demonstrate the strength of research in the area of engineering secure software. If the range and strength of the submissions to the special section are anything to go by, the area is healthy and vibrant and we fully expect many of the submissions that

IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, VOL. 34, NO. 1, JANUARY/FEBRUARY 2008
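To make the positive-tainting idea behind the WASP paper concrete, the following is a small illustration written for this introduction; it is not code from the WASP paper or its authors. It assumes a toy SQL subset and the convention that fragments originating in the application's own source are marked trusted while anything supplied from outside is not. The query text is then tokenized before execution, and any token that carries SQL meaning (keyword, identifier, operator, or string delimiter) must consist entirely of trusted characters; string-literal contents and numeric literals are treated as data and may be untrusted. A legitimate value, an escaped quote, and an injection attempt are all exercised.

```python
"""Positive tainting with syntax-aware evaluation, in miniature (illustrative
example, not the WASP implementation). Application-sourced fragments are
recorded as trusted; externally supplied values are not. Before a query is
sent to the database, it is tokenized and every token that shapes query
structure must be made wholly of trusted characters."""
import re
from typing import List, Tuple

# A query is kept as an ordered list of (text, trusted) segments.
Segment = Tuple[str, bool]


class TaintedQuery:
    """Accumulates query fragments while remembering which ones came from code."""

    def __init__(self) -> None:
        self.segments: List[Segment] = []

    def lit(self, s: str) -> "TaintedQuery":
        """Append a hardcoded fragment from the application (positively tainted)."""
        self.segments.append((s, True))
        return self

    def user(self, s: str) -> "TaintedQuery":
        """Append externally supplied data; it carries no trust mark."""
        self.segments.append((s, False))
        return self

    def text(self) -> str:
        return "".join(s for s, _ in self.segments)

    def trust_map(self) -> List[bool]:
        """Per-character trust marks, parallel to text()."""
        marks: List[bool] = []
        for s, trusted in self.segments:
            marks.extend([trusted] * len(s))
        return marks


# Tokenizer for the toy SQL subset: single-quoted literals ('' escapes a quote),
# words (keywords and identifiers), numbers, operators/punctuation, whitespace.
TOKEN_RE = re.compile(r"""
    (?P<string>'(?:[^']|'')*')
  | (?P<word>[A-Za-z_][A-Za-z0-9_]*)
  | (?P<number>\d+)
  | (?P<op>[=<>!]+|[-+/%(),;*.])
  | (?P<ws>\s+)
""", re.VERBOSE)


def check_query(q: TaintedQuery) -> Tuple[bool, str]:
    """Return (ok, reason). ok is False when an untrusted character would be
    interpreted as query structure rather than as data, or when the text
    cannot be tokenized at all (fail closed)."""
    text, marks = q.text(), q.trust_map()
    pos = 0
    while pos < len(text):
        m = TOKEN_RE.match(text, pos)
        if m is None:
            return False, f"unparseable input at offset {pos}"
        kind = m.lastgroup
        start, end = m.span()
        if kind == "string":
            # The delimiting quotes define structure; the contents are data.
            if not (marks[start] and marks[end - 1]):
                return False, f"untrusted quote delimiter in {text[start:end]!r}"
        elif kind in ("word", "op"):
            # Keywords, identifiers and operators must come entirely from code.
            if not all(marks[start:end]):
                return False, f"untrusted token {text[start:end]!r} at offset {start}"
        pos = end
    return True, "ok"


# Two hypothetical application call sites building queries from user input.
def build_lookup(username: str) -> TaintedQuery:
    return (TaintedQuery()
            .lit("SELECT id FROM users WHERE name = '")
            .user(username)
            .lit("'"))


def build_by_id(id_text: str) -> TaintedQuery:
    return TaintedQuery().lit("SELECT id FROM users WHERE id = ").user(id_text)


if __name__ == "__main__":
    # Constructed sample inputs: a normal name, an escaped quote, and two
    # injection attempts that try to add query structure from the input side.
    for q in (build_lookup("alice"), build_lookup("O''Brien"),
              build_lookup("' OR '1'='1"), build_by_id("42"),
              build_by_id("42 OR 1=1")):
        print(q.text(), "->", check_query(q))
```

The escaped name `O''Brien` passes because both delimiting quotes are trusted and the doubled quote inside is data, whereas the classic injection fails at the first quote that came from input, before the database ever sees the `OR`. Unrecognised characters are rejected outright rather than ignored, which is the safer default for a check of this kind.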