{"title":"在重建遗留软件系统时识别MBSE的安全问题","authors":"Donatas Mazeika, R. Butleris","doi":"10.1109/SoSE50414.2020.9130491","DOIUrl":null,"url":null,"abstract":"in this paper, we introduce how Model-based System Engineering (MBSE) could be leveraged in order to tackle security issues while recreating legacy software systems. Originally, MBSE was dedicated to managing the complex system creation in terms of system requirements, design, analysis, verification and validation activities leaving security aspects aside. However, previous research shows that security analysis activity could be integrated into MBSE activity and powerful MBSE tools such as change impact analysis, simulation, validation, and verification could be successfully applied in cross-cutting disciplines. The paper presents guidelines on how and when to apply various security techniques (e.g. security requirements, misuse cases, attack scenarios) in the MBSE environment. The case study demonstrates and proves the adaptability of the security guidelines on the realworld software system modernization project.","PeriodicalId":121664,"journal":{"name":"2020 IEEE 15th International Conference of System of Systems Engineering (SoSE)","volume":"110 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Identifying Security Issues with MBSE while Rebuilding Legacy Software Systems\",\"authors\":\"Donatas Mazeika, R. Butleris\",\"doi\":\"10.1109/SoSE50414.2020.9130491\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"in this paper, we introduce how Model-based System Engineering (MBSE) could be leveraged in order to tackle security issues while recreating legacy software systems. Originally, MBSE was dedicated to managing the complex system creation in terms of system requirements, design, analysis, verification and validation activities leaving security aspects aside. However, previous research shows that security analysis activity could be integrated into MBSE activity and powerful MBSE tools such as change impact analysis, simulation, validation, and verification could be successfully applied in cross-cutting disciplines. The paper presents guidelines on how and when to apply various security techniques (e.g. security requirements, misuse cases, attack scenarios) in the MBSE environment. The case study demonstrates and proves the adaptability of the security guidelines on the realworld software system modernization project.\",\"PeriodicalId\":121664,\"journal\":{\"name\":\"2020 IEEE 15th International Conference of System of Systems Engineering (SoSE)\",\"volume\":\"110 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 IEEE 15th International Conference of System of Systems Engineering (SoSE)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SoSE50414.2020.9130491\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE 15th International Conference of System of Systems Engineering (SoSE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SoSE50414.2020.9130491","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Identifying Security Issues with MBSE while Rebuilding Legacy Software Systems
in this paper, we introduce how Model-based System Engineering (MBSE) could be leveraged in order to tackle security issues while recreating legacy software systems. Originally, MBSE was dedicated to managing the complex system creation in terms of system requirements, design, analysis, verification and validation activities leaving security aspects aside. However, previous research shows that security analysis activity could be integrated into MBSE activity and powerful MBSE tools such as change impact analysis, simulation, validation, and verification could be successfully applied in cross-cutting disciplines. The paper presents guidelines on how and when to apply various security techniques (e.g. security requirements, misuse cases, attack scenarios) in the MBSE environment. The case study demonstrates and proves the adaptability of the security guidelines on the realworld software system modernization project.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
