Software architecture-driven detection of security vulnerabilities

Kaarina Karppinen; Mikael Lindvall

Software architecture-driven detection of security vulnerabilities

Kaarina Karppinen
, Mikael Lindvall

VTT Technical Research Centre of Finland

Fraunhofer Institute for Experimental Software Engineering (IESE)

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

Abstract

Crucial architectural features are often violated. It is typically difficult to find these violations. The violations cause the software to decay and may create security vulnerabilities. In the past, we have used an architecture-driven approach to successfully detect architecture violations. This ongoing experimental study, a work-in-progress, will shed some light on the relationship between architecture constructs and security vulnerabilities and will help determine to what extent architecture analysis tools can help detect security vulnerabilities that are caused by architecture violations. Ultimately our goal is to help design software architectures that meet their security requirements.

Original language	English
Title of host publication	Proceedings of the 2007 International Conference on Software Engineering Research and Practice
Subtitle of host publication	SERP 2007
Publisher	CSREA Press
Pages	595-599
Volume	2
ISBN (Electronic)	1-60132-034-5
ISBN (Print)	1-60132-033-7
Publication status	Published - 2007
MoE publication type	A4 Article in a conference publication
Event	2007 International Conference on Software Engineering Research and Practice SERP 2007 - Las Vegas, United States Duration: 25 Jun 2007 → 28 Jun 2007

Conference

Conference	2007 International Conference on Software Engineering Research and Practice SERP 2007
Country/Territory	United States
City	Las Vegas
Period	25/06/07 → 28/06/07

Keywords

Software architecture
Security

Cite this

@inproceedings{43f074ec46af4a2d8f073b521c46053f,

title = "Software architecture-driven detection of security vulnerabilities",

abstract = "Crucial architectural features are often violated. It is typically difficult to find these violations. The violations cause the software to decay and may create security vulnerabilities. In the past, we have used an architecture-driven approach to successfully detect architecture violations. This ongoing experimental study, a work-in-progress, will shed some light on the relationship between architecture constructs and security vulnerabilities and will help determine to what extent architecture analysis tools can help detect security vulnerabilities that are caused by architecture violations. Ultimately our goal is to help design software architectures that meet their security requirements.",

keywords = "Software architecture, Security",

author = "Kaarina Karppinen and Mikael Lindvall",

year = "2007",

language = "English",

isbn = "1-60132-033-7",

volume = "2",

pages = "595--599",

booktitle = "Proceedings of the 2007 International Conference on Software Engineering Research and Practice",

publisher = "CSREA Press",

address = "United States",

note = "2007 International Conference on Software Engineering Research and Practice SERP 2007 ; Conference date: 25-06-2007 Through 28-06-2007",

}

Karppinen, K & Lindvall, M 2007, Software architecture-driven detection of security vulnerabilities. in Proceedings of the 2007 International Conference on Software Engineering Research and Practice: SERP 2007. vol. 2, CSREA Press, pp. 595-599, 2007 International Conference on Software Engineering Research and Practice SERP 2007, Las Vegas, Nevada, United States, 25/06/07.

Software architecture-driven detection of security vulnerabilities. / Karppinen, Kaarina; Lindvall, Mikael.
Proceedings of the 2007 International Conference on Software Engineering Research and Practice: SERP 2007. Vol. 2 CSREA Press, 2007. p. 595-599.

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

TY - GEN

T1 - Software architecture-driven detection of security vulnerabilities

AU - Karppinen, Kaarina

AU - Lindvall, Mikael

PY - 2007

Y1 - 2007

N2 - Crucial architectural features are often violated. It is typically difficult to find these violations. The violations cause the software to decay and may create security vulnerabilities. In the past, we have used an architecture-driven approach to successfully detect architecture violations. This ongoing experimental study, a work-in-progress, will shed some light on the relationship between architecture constructs and security vulnerabilities and will help determine to what extent architecture analysis tools can help detect security vulnerabilities that are caused by architecture violations. Ultimately our goal is to help design software architectures that meet their security requirements.

AB - Crucial architectural features are often violated. It is typically difficult to find these violations. The violations cause the software to decay and may create security vulnerabilities. In the past, we have used an architecture-driven approach to successfully detect architecture violations. This ongoing experimental study, a work-in-progress, will shed some light on the relationship between architecture constructs and security vulnerabilities and will help determine to what extent architecture analysis tools can help detect security vulnerabilities that are caused by architecture violations. Ultimately our goal is to help design software architectures that meet their security requirements.

KW - Software architecture

KW - Security

M3 - Conference article in proceedings

SN - 1-60132-033-7

VL - 2

SP - 595

EP - 599

BT - Proceedings of the 2007 International Conference on Software Engineering Research and Practice

PB - CSREA Press

T2 - 2007 International Conference on Software Engineering Research and Practice SERP 2007

Y2 - 25 June 2007 through 28 June 2007

ER -

Software architecture-driven detection of security vulnerabilities

Abstract

Conference

Keywords

Fingerprint

Cite this