面向定量安全保证的自动推理

2019 IEEE 10th International Conference on Software Engineering and Service Science (ICSESS) Pub Date : 2019-10-01 DOI:10.1109/ICSESS47205.2019.9040823

Zhengshu Zhou, Qiang Zhi, Shuichiro Yamamoto, Zilong Liang

{"title":"面向定量安全保证的自动推理","authors":"Zhengshu Zhou, Qiang Zhi, Shuichiro Yamamoto, Zilong Liang","doi":"10.1109/ICSESS47205.2019.9040823","DOIUrl":null,"url":null,"abstract":"System security assurance has become one of the most important research directions in software engineering and requirement engineering. To date, a lot of approaches have been proposed to conduct system security assurance. However, in these existing approaches, the constraint conditions of security assurance are rarely mentioned. In software engineering domain, constraint is a critical factor that can affect the success or failure of the engineering project, and thus the practicability of these approaches may be called in question. In order to resolve this problem, this paper proposes a new security assurance method that allows engineers to give consideration to both contribution attributes and cost attributes for security objectives during system architecture design process. In addition, a recursive algorithm is proposed and implemented to realize automated reasoning for developing security assurance cases.","PeriodicalId":203944,"journal":{"name":"2019 IEEE 10th International Conference on Software Engineering and Service Science (ICSESS)","volume":"162 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Automated Reasoning towards Quantitative Security Assurance\",\"authors\":\"Zhengshu Zhou, Qiang Zhi, Shuichiro Yamamoto, Zilong Liang\",\"doi\":\"10.1109/ICSESS47205.2019.9040823\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"System security assurance has become one of the most important research directions in software engineering and requirement engineering. To date, a lot of approaches have been proposed to conduct system security assurance. However, in these existing approaches, the constraint conditions of security assurance are rarely mentioned. In software engineering domain, constraint is a critical factor that can affect the success or failure of the engineering project, and thus the practicability of these approaches may be called in question. In order to resolve this problem, this paper proposes a new security assurance method that allows engineers to give consideration to both contribution attributes and cost attributes for security objectives during system architecture design process. In addition, a recursive algorithm is proposed and implemented to realize automated reasoning for developing security assurance cases.\",\"PeriodicalId\":203944,\"journal\":{\"name\":\"2019 IEEE 10th International Conference on Software Engineering and Service Science (ICSESS)\",\"volume\":\"162 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 IEEE 10th International Conference on Software Engineering and Service Science (ICSESS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICSESS47205.2019.9040823\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE 10th International Conference on Software Engineering and Service Science (ICSESS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICSESS47205.2019.9040823","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

系统安全保障已成为软件工程和需求工程的重要研究方向之一。迄今为止，已经提出了许多方法来进行系统安全保证。然而，在这些现有的方法中，很少提到安全保证的约束条件。在软件工程领域，约束是影响工程项目成败的关键因素，因此这些方法的实用性可能会受到质疑。为了解决这一问题，本文提出了一种新的安全保证方法，允许工程师在系统架构设计过程中同时考虑安全目标的贡献属性和成本属性。此外，提出并实现了一种递归算法，以实现开发安全保障案例的自动推理。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Automated Reasoning towards Quantitative Security Assurance

System security assurance has become one of the most important research directions in software engineering and requirement engineering. To date, a lot of approaches have been proposed to conduct system security assurance. However, in these existing approaches, the constraint conditions of security assurance are rarely mentioned. In software engineering domain, constraint is a critical factor that can affect the success or failure of the engineering project, and thus the practicability of these approaches may be called in question. In order to resolve this problem, this paper proposes a new security assurance method that allows engineers to give consideration to both contribution attributes and cost attributes for security objectives during system architecture design process. In addition, a recursive algorithm is proposed and implemented to realize automated reasoning for developing security assurance cases.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2019 IEEE 10th International Conference on Software Engineering and Service Science (ICSESS)

自引率

0.00%

发文量