Please enable JavaScript.
Coggle requires JavaScript to display documents.
C27:Security Engineering (1 (Security requirements elicitation
Determine…
C27:Security Engineering
1
-
Security modeling
Provides guidance during design, coding and review
State models can help software engineers ensure that the series of state transitions allowed by the system start and end in a secure state
Captures policy objectives, external interface requirements, software security requirements, rules of operation, description of security architecture
Using formal security models may improve the trustworthiness of a system since correctness proofs may be used as part of the system security case
-
2
Measures design
Security metrics should focus on system dependability, trustworthiness, and survivability
Measures or asset value, threat likelihood, are system vulnerability are needed to create these metrics
Correctness checks
-
Data collected during audits, inspections, and test cases are analyzed and summarized as a security case