Requirement centric security evaluation of software intensive systems

Reijo Savola

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

    4 Citations (Scopus)

    Abstract

    Development of the information security requirements of practical software-intensive systems is typically ignored, at an inadequate level or relies heavily on the experience of the security professionals. However, it is obvious that security requirements are in the focus in all phases of security engineering. Automated approaches are needed in this field. We introduce a framework for security evaluation based on security requirement definition, behavior modeling and evidence collection.
    Original languageEnglish
    Title of host publicationProceedings of the 2nd International Conference on Dependability of Computer Systems, DepCOS-RELCOMEX 2007
    PublisherIEEE Institute of Electrical and Electronic Engineers
    Pages135-142
    ISBN (Print)0-7695-2850-3
    DOIs
    Publication statusPublished - 2007
    MoE publication typeA4 Article in a conference publication
    Event2nd International Conference on Dependability of Computer Systems, DepCoS-RELCOMEX 2007 - Szklarska, Poland
    Duration: 14 Jun 200716 Jun 2007

    Conference

    Conference2nd International Conference on Dependability of Computer Systems, DepCoS-RELCOMEX 2007
    Abbreviated titleDepCoS-RELCOMEX 2007
    Country/TerritoryPoland
    CitySzklarska
    Period14/06/0716/06/07

    Keywords

    • information security
    • security
    • software-intensive products
    • software
    • software safety

    Fingerprint

    Dive into the research topics of 'Requirement centric security evaluation of software intensive systems'. Together they form a unique fingerprint.

    Cite this