A Knowledge Based Threat Analysis in Trustworthy Software Engineering

被引：0

作者：

Li, Xiaohong ^{[1
]}

Liu, Fengxu ^{[1
]}

Feng, Zhiyong ^{[1
]}

Xing, Jinliang ^{[1
]}

机构：

[1] Tianjin Univ, Tianjin 300000, Peoples R China

来源：

MECHANICAL AND ELECTRONICS ENGINEERING III, PTS 1-5 | 2012年 / 130-134卷

关键词：

Trustworthy software; Software security; Threat modeling; Expert System;

D O I：

10.4028/www.scientific.net/AMM.130-134.3177

中图分类号：

TH [机械、仪表工业];

学科分类号：

0802 ;

摘要：

In recent years, the security of software becomes one significant feature of software. This paper improves trustworthy software engineering through a knowledge based expert system. We propose the knowledge collection and organization method, and threats analyzing algorithm in detail which are the kernel of the expert system. The software threat information is divided into threat state and exploit, and stored in the knowledge database together with the state production and exploit production representing the relationships between threat state and exploit. The threat analysis calculates the threat degree quantitatively of an application based on this knowledge in a formal way and give security advice to mitigate threats. Our method can reduce the work of an experienced security expert which is time consuming and economic costly, therefore popularizes the trustworthy software engineering.

引用

页码：3177 / 3180

页数：4

共 50 条

[1] Knowledge-Based Support for Software Engineering
Batanov, Dencho
ARTIFICIAL INTELLIGENCE APPLICATIONS AND INNOVATIONS, 2010, 339 : 219 - 229
[2] A fuzzy TOPSIS based analysis toward selection of effective security requirements engineering approach for trustworthy healthcare software development
Md Tarique Jamal Ansari
Fahad Ahmed Al-Zahrani
Dhirendra Pandey
Alka Agrawal
BMC Medical Informatics and Decision Making, 20
[3] A fuzzy TOPSIS based analysis toward selection of effective security requirements engineering approach for trustworthy healthcare software development
Ansari, Md Tarique Jamal
Al-Zahrani, Fahad Ahmed
Pandey, Dhirendra
Agrawal, Alka
BMC MEDICAL INFORMATICS AND DECISION MAKING, 2020, 20 (01)
[4] Threat Analysis for Hardware and Software Products using HazOp
Daruwala, Burzin
Mandujano, Salvador
Mangipudi, Narasimha Kumar
Wong, Hao-chi
PROCEEDINGS OF THE 15TH AMERICAN CONFERENCE ON APPLIED MATHEMATICS AND PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON COMPUTATIONAL AND INFORMATION SCIENCES 2009, VOLS I AND II, 2009, : 446 - +
[5] Trustworthy Software Development Based on Model Driven Architecture
Zhu, Yang
Fei, Lanhua
Yang, Nianhua
INFORMATION COMPUTING AND APPLICATIONS, ICICA 2013, PT I, 2013, 391 : 193 - +
[6] Trustworthy Software Development
Paulus, Sachar
Mohammadi, Nazila Gol
Weyer, Thorsten
COMMUNICATIONS AND MULTIMEDIA SECURITY, CMS 2013, 2013, 8099 : 233 - 247
[7] Threat Extraction Method Based on UML Software Description
Zeinali, Masoumeh
Hadavi, Mohammad Ali
2018 15TH INTERNATIONAL ISC (IRANIAN SOCIETY OF CRYPTOLOGY) CONFERENCE ON INFORMATION SECURITY AND CRYPTOLOGY (ISCISC), 2018,
[8] Measure Model of Trustworthy Software Based on Axiomatic Design
Yang, Bin
Xiao, Renbin
2010 2ND INTERNATIONAL WORKSHOP ON DATABASE TECHNOLOGY AND APPLICATIONS PROCEEDINGS (DBTA), 2010,
[9] A Reallocation Approach for Software Trustworthiness Based on Trustworthy Attributes
Tao, Hongwei
Chen, Yixiang
Wu, Hengyang
MATHEMATICS, 2020, 8 (01) : 1 - 15
[10] Formal analysis to non-functional requirements of trustworthy software
Zhang, Xuan
Li, Tong
Wang, Xu
Yu, Qian
Yu, Yong
Zhu, Rui
Ruan Jian Xue Bao/Journal of Software, 2015, 26 (10): : 2545 - 2566

← 1 2 3 4 5 →