Requirement centric security evaluation of software intensive systems

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

4 Citations (Scopus)

Abstract

Development of the information security requirements of practical software-intensive systems is typically ignored, at an inadequate level or relies heavily on the experience of the security professionals. However, it is obvious that security requirements are in the focus in all phases of security engineering. Automated approaches are needed in this field. We introduce a framework for security evaluation based on security requirement definition, behavior modeling and evidence collection.
Original languageEnglish
Title of host publicationProceedings of the 2nd International Conference on Dependability of Computer Systems, DepCOS-RELCOMEX 2007
PublisherIEEE Institute of Electrical and Electronic Engineers
Pages135-142
ISBN (Print)0-7695-2850-3
DOIs
Publication statusPublished - 2007
MoE publication typeA4 Article in a conference publication
Event2nd International Conference on Dependability of Computer Systems, DepCoS-RELCOMEX 2007 - Szklarska, Poland
Duration: 14 Jun 200716 Jun 2007

Conference

Conference2nd International Conference on Dependability of Computer Systems, DepCoS-RELCOMEX 2007
Abbreviated titleDepCoS-RELCOMEX 2007
CountryPoland
CitySzklarska
Period14/06/0716/06/07

Fingerprint

Security of data

Keywords

  • information security
  • security
  • software-intensive products
  • software
  • software safety

Cite this

Savola, R. (2007). Requirement centric security evaluation of software intensive systems. In Proceedings of the 2nd International Conference on Dependability of Computer Systems, DepCOS-RELCOMEX 2007 (pp. 135-142). IEEE Institute of Electrical and Electronic Engineers . https://doi.org/10.1109/DEPCOS-RELCOMEX.2007.41
Savola, Reijo. / Requirement centric security evaluation of software intensive systems. Proceedings of the 2nd International Conference on Dependability of Computer Systems, DepCOS-RELCOMEX 2007. IEEE Institute of Electrical and Electronic Engineers , 2007. pp. 135-142
@inproceedings{8f722caea2c64f758f3b2bbd1b3cb1ad,
title = "Requirement centric security evaluation of software intensive systems",
abstract = "Development of the information security requirements of practical software-intensive systems is typically ignored, at an inadequate level or relies heavily on the experience of the security professionals. However, it is obvious that security requirements are in the focus in all phases of security engineering. Automated approaches are needed in this field. We introduce a framework for security evaluation based on security requirement definition, behavior modeling and evidence collection.",
keywords = "information security, security, software-intensive products, software, software safety",
author = "Reijo Savola",
year = "2007",
doi = "10.1109/DEPCOS-RELCOMEX.2007.41",
language = "English",
isbn = "0-7695-2850-3",
pages = "135--142",
booktitle = "Proceedings of the 2nd International Conference on Dependability of Computer Systems, DepCOS-RELCOMEX 2007",
publisher = "IEEE Institute of Electrical and Electronic Engineers",
address = "United States",

}

Savola, R 2007, Requirement centric security evaluation of software intensive systems. in Proceedings of the 2nd International Conference on Dependability of Computer Systems, DepCOS-RELCOMEX 2007. IEEE Institute of Electrical and Electronic Engineers , pp. 135-142, 2nd International Conference on Dependability of Computer Systems, DepCoS-RELCOMEX 2007, Szklarska, Poland, 14/06/07. https://doi.org/10.1109/DEPCOS-RELCOMEX.2007.41

Requirement centric security evaluation of software intensive systems. / Savola, Reijo.

Proceedings of the 2nd International Conference on Dependability of Computer Systems, DepCOS-RELCOMEX 2007. IEEE Institute of Electrical and Electronic Engineers , 2007. p. 135-142.

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

TY - GEN

T1 - Requirement centric security evaluation of software intensive systems

AU - Savola, Reijo

PY - 2007

Y1 - 2007

N2 - Development of the information security requirements of practical software-intensive systems is typically ignored, at an inadequate level or relies heavily on the experience of the security professionals. However, it is obvious that security requirements are in the focus in all phases of security engineering. Automated approaches are needed in this field. We introduce a framework for security evaluation based on security requirement definition, behavior modeling and evidence collection.

AB - Development of the information security requirements of practical software-intensive systems is typically ignored, at an inadequate level or relies heavily on the experience of the security professionals. However, it is obvious that security requirements are in the focus in all phases of security engineering. Automated approaches are needed in this field. We introduce a framework for security evaluation based on security requirement definition, behavior modeling and evidence collection.

KW - information security

KW - security

KW - software-intensive products

KW - software

KW - software safety

U2 - 10.1109/DEPCOS-RELCOMEX.2007.41

DO - 10.1109/DEPCOS-RELCOMEX.2007.41

M3 - Conference article in proceedings

SN - 0-7695-2850-3

SP - 135

EP - 142

BT - Proceedings of the 2nd International Conference on Dependability of Computer Systems, DepCOS-RELCOMEX 2007

PB - IEEE Institute of Electrical and Electronic Engineers

ER -

Savola R. Requirement centric security evaluation of software intensive systems. In Proceedings of the 2nd International Conference on Dependability of Computer Systems, DepCOS-RELCOMEX 2007. IEEE Institute of Electrical and Electronic Engineers . 2007. p. 135-142 https://doi.org/10.1109/DEPCOS-RELCOMEX.2007.41