A Survey on Requirements and Design Methods for Secure Software Development

State Machine Language (AsmL)

AsmL is an executable software specification language based on extended finite state machines, and it has also been used to specify attack scenarios [41]. The authors argue that, because AsmL is based on extended finite state machines, it can specify attacks with multiple steps. Such attack scenarios can be translated automatically into Snort rules, which can then be used with an extension of the IDS Snort [41]. By using context information, these scenarios capture more attacks with multiple steps. Standard Snort rules, the usual input for Snort, cannot represent attacks with multiple steps.
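The difference between a multi-step scenario with context and a single-event rule, as an added example that is not from the survey or from [41]: a small extended finite state machine in plain Python (not AsmL or Snort syntax). The scenario, thresholds, event names and sample events are all constructed assumptions.

```python
from dataclasses import dataclass

THRESHOLD = 3   # assumed: failed logins needed before a success is suspicious
WINDOW = 60     # assumed: seconds within which all steps must occur

@dataclass
class Scenario:
    state: str = "START"      # control state of the machine
    fails: int = 0            # context variable: failures seen so far
    first_seen: int = 0       # context variable: time of the first step

def step(s, ts, event):
    """Advance one source's machine; return True when the final step completes."""
    if s.state != "START" and ts - s.first_seen > WINDOW:
        s.state, s.fails = "START", 0            # context expired: reset
    if event == "login_failed":
        if s.state == "START":
            s.state, s.first_seen = "GUESSING", ts
        s.fails += 1
    elif event == "login_ok":
        hit = s.state == "GUESSING" and s.fails >= THRESHOLD
        s.state, s.fails = "START", 0
        return hit
    return False

def detect(events):
    """Run one machine per source so steps are correlated by origin."""
    machines, alerts = {}, []
    for ts, src, event in events:
        if step(machines.setdefault(src, Scenario()), ts, event):
            alerts.append((ts, src))
    return alerts

def stateless_matches(events, event_type):
    """What a single-event rule sees: every matching event, with no history."""
    return [(ts, src) for ts, src, ev in events if ev == event_type]

# Constructed sample events: (timestamp in seconds, source, event type)
EVENTS = [
    (0, "192.0.2.10", "login_failed"), (5, "192.0.2.10", "login_failed"),
    (7, "198.51.100.7", "login_failed"), (9, "192.0.2.10", "login_failed"),
    (12, "192.0.2.10", "login_ok"), (20, "198.51.100.7", "login_ok"),
    (100, "203.0.113.4", "login_failed"), (101, "203.0.113.4", "login_failed"),
    (102, "203.0.113.4", "login_failed"), (300, "203.0.113.4", "login_ok"),
]

if __name__ == "__main__":
    print(detect(EVENTS), len(stateless_matches(EVENTS, "login_ok")))
```

Only the first source completes every step inside the window; a rule that matches `login_ok` alone would fire on all three successful logins.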

[1] M. Angela Sasse, et al. Bringing security home: a process for developing secure and usable systems, 2003, NSPW '03.

[2] Mohammad Zulkernine, et al. AsmLSec: An Extension of Abstract State Machine Language for Attack Scenario Specification, 2007, The Second International Conference on Availability, Reliability and Security (ARES'07).

[3] Rossouw von Solms, et al. SecSDM: A Model for Integrating Security into the Software Development Life Cycle, 2007, World Conference on Information Security Education.

[4] Olutayo Bamidele Ajayi, et al. Towards Building Secure Software Systems, 2006.

[5] Mohammad Zulkernine, et al. UMLintr: a UML profile for specifying intrusions, 2006, 13th Annual IEEE International Symposium and Workshop on Engineering of Computer-Based Systems (ECBS'06).

[6] Eugene H. Spafford, et al. Software vulnerability analysis, 1998.

[7] Cecilia Mascolo, et al. Integrating security and usability into the requirements and design process, 2007, Int. J. Electron. Secur. Digit. Forensics.

[8] John Viega. Building security requirements with CLASP, 2005, SOEN.

[9] Gary McGraw, et al. Risk Analysis in Software Design, 2004, IEEE Secur. Priv.

[10] Jerome H. Saltzer, et al. The protection of information in computer systems, 1975, Proc. IEEE.

[11] Jörg P. Müller, et al. Agent UML: A Formalism for Specifying Multiagent Software Systems, 2001, Int. J. Softw. Eng. Knowl. Eng.

[12] Holger Peine, et al. Rules of Thumb for Developing Secure Software: Analyzing and Consolidating Two Proposed Sets of Rules, 2008, 2008 Third International Conference on Availability, Reliability and Security.

[13] Carl E. Landwehr, et al. A Taxonomy of Computer Program Security Flaws, with Examples, 1993.

[14] Donald Firesmith, et al. Security Use Cases, 2003, J. Object Technol.

[15] Mario Piattini, et al. A common criteria based security requirements engineering process for the development of secure information systems, 2007, Comput. Stand. Interfaces.

[16] Axelle Apvrille, et al. Secure software development by example, 2005, IEEE Security & Privacy Magazine.

[17] Gary McGraw, et al. Software Security Testing, 2004, IEEE Secur. Priv.

[18] John D. Musa, et al. Software Reliability Engineering, 1998.

[19] Bernhard Bauer, et al. Agent UML: A formalism for specifying multiagent interaction, 2001.

[20] Lamia Labed Jilani, et al. S2D-ProM: A Strategy Oriented Process Model for Secure Software Development, 2007, International Conference on Software Engineering Advances (ICSEA 2007).

[21] Gary McGraw, et al. Building Secure Software: ソフトウェアセキュリティについて開発者が知っているべきこと, 2006.

[22] David A. Basin, et al. SecureUML: A UML-Based Modeling Language for Model-Driven Security, 2002, UML.

[23] Haralambos Mouratidis, et al. When security meets software engineering: a case of modelling secure information systems, 2005, Inf. Syst.

[24] Jan Jürjens. Model-based Security Testing Using UMLsec: A Case Study, 2008, Electron. Notes Theor. Comput. Sci.

[25] Andreas L. Opdahl, et al. Eliciting security requirements with misuse cases, 2004, Requirements Engineering.

[26] Carnegie M Ielloii. Secure Software Development Life Cycle Processes: A Technology Scouting Report, 2005.

[27] Joseph S. Sherif, et al. Software security checklist for the software life cycle, 2003, WET ICE 2003. Proceedings. Twelfth IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, 2003.

[28] Carl E. Landwehr, et al. A taxonomy of computer program security flaws, 1993, CSUR.

[29] G. McGraw, et al. Testing for security during development: why we should scrap penetrate-and-patch, 1997, Proceedings of COMPASS '97: 12th Annual Conference on Computer Assurance.

[30] Mohammad Zulkernine, et al. Quantifying Security in Secure Software Development Phases, 2008, 2008 32nd Annual IEEE International Computer Software and Applications Conference.

[31] H. B. Williams, et al. A Survey, 1992.

[32] John P. McDermott, et al. Using abuse case models for security requirements analysis, 1999, Proceedings 15th Annual Computer Security Applications Conference (ACSAC'99).

[33] Nancy R. Mead, et al. Security quality requirements engineering (SQUARE) methodology, 2005, SESS@ICSE.

[34] Giovanni Vigna, et al. STATL: An Attack Language for State-Based Intrusion Detection, 2002, J. Comput. Secur.

[35] John Viega, et al. 19 deadly sins of software security: programming flaws and how to fix them, 2005.

[36] Bashar Nuseibeh, et al. A framework for security requirements engineering, 2006, SESS '06.

[37] Stephen De Vries, et al. Testing: Software Testing for security, 2007.

[38] Nancy R. Mead, et al. Security quality requirements engineering (SQUARE) methodology, 2005, SESS@ICSE.

[39] Robert J. Ellison, et al. Attack Trees, 2009, Encyclopedia of Biometrics.

[40] Mohammad Zulkernine, et al. Integrating software specifications into intrusion detection, 2007, International Journal of Information Security.

[41] William Yurcik, et al. Threat Modeling as a Basis for Security Requirements, 2005.

[42] Steven B. Lipner, et al. The trustworthy computing security development lifecycle, 2004, 20th Annual Computer Security Applications Conference.

[43] Mohammad Zulkernine, et al. A model-based aspect-oriented framework for building intrusion-aware software systems, 2009, Inf. Softw. Technol.

[44] Gary McGraw, et al. Software Security: Building Security In, 2006, 2006 17th International Symposium on Software Reliability Engineering.

[45] Wouter Joosen, et al. On the Secure Software Development Process: CLASP and SDL Compared, 2007, Third International Workshop on Software Engineering for Secure Systems (SESS'07: ICSE Workshops 2007).

[46] Axel van Lamsweerde, et al. Elaborating security requirements by construction of intentional anti-models, 2004, Proceedings. 26th International Conference on Software Engineering.

[47] Mladen A. Vouk. Software Reliability Engineering, 1999.

[48] Vamsi Paruchuri, et al. Threat modeling using attack trees, 2008.

[49] Jan Jürjens, et al. Secure systems development with UML, 2004.

[50] Fausto Giunchiglia, et al. Tropos: An Agent-Oriented Software Development Methodology, 2004, Autonomous Agents and Multi-Agent Systems.

[51] Mohammed Hussein, et al. Software Specification and Attack Languages, 2007.

[52] Mohammad Zulkernine, et al. Bridging the gap: software specification meets intrusion detector, 2006, PST.

[53] Mohammad Zulkernine, et al. Intrusion detection aware component-based systems: A specification-based framework, 2007, J. Syst. Softw.

[54] Barry W. Boehm, et al. Understanding and Controlling Software Costs, 1988, IEEE Trans. Software Eng.

[55] Matt Bishop, et al. Addressing software security and mitigations in the life cycle, 2003, 28th Annual NASA Goddard Software Engineering Workshop, 2003. Proceedings.