• Login
    View Item 
    •   Home
    • Research Publications
    • Engineering & Technology
    • Department of Electronics, Computing & Maths
    • View Item
    •   Home
    • Research Publications
    • Engineering & Technology
    • Department of Electronics, Computing & Maths
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.

    Browse

    All of UDORACommunitiesTitleAuthorsIssue DateSubmit DateSubjectsThis CollectionTitleAuthorsIssue DateSubmit DateSubjects

    My Account

    LoginRegister

    About and further information

    AboutOpen Access WebpagesOpen Access PolicyTake Down Policy University Privacy NoticeUniversity NewsTools for ResearchersLibraryUDo

    Statistics

    Display statistics

    Automated analysis of security requirements through risk-based argumentation

    • CSV
    • RefMan
    • EndNote
    • BibTex
    • RefWorks
    Thumbnail
    Name:
    Publisher version
    View Source
    Access full-text PDFOpen Access
    View Source
    Check access options
    Check access options
    Authors
    Yu, Yijun cc
    Franqueira, Virginia N. L. cc
    Than Tun, Thein
    Wieringa, Roel J.
    Nuseibeh, Bashar
    Affiliation
    University of Derby
    Issue Date
    2015-04-23
    
    Metadata
    Show full item record
    Abstract
    Computer-based systems are increasingly being exposed to evolving security threats, which often reveal new vulnerabilities. A formal analysis of the evolving threats is difficult due to a number of practical considerations such as incomplete knowledge about the design, limited information about attacks, and constraints on organisational resources. In our earlier work on RISA (RIsk assessment in Security Argumentation), we showed that informal risk assessment can complement the formal analysis of security requirements. In this paper, we integrate the formal and informal assessment of security by proposing a unified meta-model and an automated tool for supporting security argumentation called OpenRISA. Using a uniform representation of risks and arguments, our automated checking of formal arguments can identify relevant risks as rebuttals to those arguments, and identify mitigations from publicly available security catalogues when possible. As a result, security engineers are able to make informed and traceable decisions about the security of their computer-based systems. The application of OpenRISA is illustrated with examples from a PIN Entry Device case study.
    Citation
    Yu, Y. et al (2015) 'Automated analysis of security requirements through risk-based argumentation', Journal of Systems and Software, 106, pp.102-116. DOI: 10.1016/j.jss.2015.04.065
    Publisher
    Elsevier
    Journal
    Journal of Systems and Software
    URI
    http://hdl.handle.net/10545/555820
    DOI
    10.1016/j.jss.2015.04.065
    Additional Links
    http://linkinghub.elsevier.com/retrieve/pii/S0164121215000850
    http://www.sciencedirect.com/science/article/pii/S0164121215000850
    Type
    Article
    Language
    en
    ISSN
    01641212
    ae974a485f413a2113503eed53cd6c53
    10.1016/j.jss.2015.04.065
    Scopus Count
    Collections
    Department of Electronics, Computing & Maths

    entitlement

     
    DSpace software (copyright © 2002 - 2021)  DuraSpace
    Quick Guide | Contact Us
    Open Repository is a service operated by 
    Atmire NV
     

    Export search results

    The export option will allow you to export the current search results of the entered query to a file. Different formats are available for download. To export the items, click on the button corresponding with the preferred download format.

    By default, clicking on the export buttons will result in a download of the allowed maximum amount of items.

    To select a subset of the search results, click "Selective Export" button and make a selection of the items you want to export. The amount of items that can be exported at once is similarly restricted as the full export.

    After making a selection, click one of the export format buttons. The amount of items that will be exported is indicated in the bubble next to export format.