Security measuring for self-adaptive security

Antti Evesti, Habtamu Abie, Reijo Savola

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

    Abstract

    Self-adaptive security is needed due to vast amount of changes in an execution environment and threat landscape, which all cannot be anticipated at software design-time. Self-adaptive security requires means for monitoring a security level and decision making capability to improve the current security level. In this paper, we describe how security metrics are able to support self-adaptive security. The paper analyses benefits and challenges of security measuring from the self-adaptive security perspective. Thus, five benefits and three challenges of security metrics in self-adaptive security are described. Furthermore, the paper derives requirements that measuring causes for self-adaptive security. Based on the derived requirements, extension components for the MAPE (Monitor, Analyse, Plan and Execute) reference model are proposed.
    Original languageEnglish
    Title of host publicationProceedings of the 2014 European Conference on Software Architecture Workshops
    Subtitle of host publicationECSAW '14
    Place of PublicationAustria
    PublisherAssociation for Computing Machinery ACM
    Number of pages7
    ISBN (Print)978-1-4503-2778-7
    DOIs
    Publication statusPublished - 2014
    MoE publication typeA4 Article in a conference publication
    Event8th European Conference on Software Architecture Workshops, ECSAW 2014 - Vienna, Austria
    Duration: 25 Aug 201429 Aug 2014

    Conference

    Conference8th European Conference on Software Architecture Workshops, ECSAW 2014
    Abbreviated titleECSAW 2014
    CountryAustria
    CityVienna
    Period25/08/1429/08/14

      Fingerprint

    Cite this

    Evesti, A., Abie, H., & Savola, R. (2014). Security measuring for self-adaptive security. In Proceedings of the 2014 European Conference on Software Architecture Workshops: ECSAW '14 [5] Association for Computing Machinery ACM. https://doi.org/10.1145/2642803.2642808