Assuring Security through Attribute GSN

Yamamoto, Shuichiro

doi:10.1109/icitcs.2015.7292954

Cited by 16 publications

(20 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, these studies lack detailed guidelines of how to create these quantitative attributes. An example is the usage scenario that suggests to use attribute values for evaluating an architecture (Yamamoto 2015). The approach suggests to assign values to evidence, ranging from −2 to 2, based on how satisfying the evidence are to the claims, i.e., to what degree the provided evidence justify the claims.…”

Section: Potential For a Wide Range Of Benefitsmentioning

confidence: 99%

Security assurance cases—state of the art of an emerging approach

2021

View full text Add to dashboard Cite

Security Assurance Cases (SAC) are a form of structured argumentation used to reason about the security properties of a system. After the successful adoption of assurance cases for safety, SAC are getting significant traction in recent years, especially in safety-critical industries (e.g., automotive), where there is an increasing pressure to be compliant with several security standards and regulations. Accordingly, research in the field of SAC has flourished in the past decade, with different approaches being investigated. In an effort to systematize this active field of research, we conducted a systematic literature review (SLR) of the existing academic studies on SAC. Our review resulted in an in-depth analysis and comparison of 51 papers. Our results indicate that, while there are numerous papers discussing the importance of SAC and their usage scenarios, the literature is still immature with respect to concrete support for practitioners on how to build and maintain a SAC. More importantly, even though some methodologies are available, their validation and tool support is still lacking.

show abstract

Section: Potential For a Wide Range Of Benefitsmentioning

confidence: 99%

Security assurance cases—state of the art of an emerging approach

2021

View full text Add to dashboard Cite

show abstract

“…Therefore, in 2015, Yamamoto made an improvement by presenting the Soft Goal using Weight (SGW) approach [8], [33], which can be used to define the priority among sub softgoals for quantitative goal decomposition. Yamamoto also proposed a quantitative architecture evaluation method called Attribute GSN by extending traditional GSN [10]. In this method, system safety and security attribute values are assigned to the GSN nodes to conduct quantitative safety and security assurance.…”

Section: Related Work a Nfr Assuring Approachesmentioning

confidence: 99%

An Evaluation of Quantitative Non-Functional Requirements Assurance Using ArchiMate

et al. 2020

Self Cite

View full text Add to dashboard Cite

Goal-oriented NFR (Non-Functional Requirement) assurance approaches were used to qualitatively evaluate software architectures. Assurance cases using quantitative method have not been applied to evaluate NFR assurance for software architectures. This paper presents a system architecture evaluation method which is able to conduct quantitative NFR assurance evaluation for system architecture through ArchiMate. The paper also proposes an algorithm to automate the quantitative evaluation process. A questionnaire survey among software engineers and a case study on a vehicular safety monitor system were carried out to verify the necessity of the method. Additionally, we conducted an experimental design with 18 samples divided into 2 groups with the goal of comparing how the independent variables affect the dependent variables. The results of the experiment demonstrate that the proposed method achieves better NFR evaluation effect than the traditional approach. Moreover, compared with the traditional approach, the proposed method shortens the time for NFR evaluation. The proposed method is expected to be used at the early stage of software development projects for system NFR development, such as requirements analysis, system architecture design and system modeling. At present, the method has been applied by software engineers in a practical software project.

show abstract

“…To assess uncertainties which may affect the system's safety, researchers have proposed techniques to estimate confidence in structured assurance cases, either through qualitative or quantitative approaches [27,44]. The majority of these are based on the Dempster-Shafer Theory [31,60], Josang's Opinion Triangle [17], Bayesian Belief Networks (BNNs) [16,61], Evidential Reasoning (ER) [45] and weighted averages [59]. The approaches which use BBNs treat safety goals as nodes in the network and try to compute their conditional probability based on given probabilities for the leaf nodes of the network.…”

Section: Sources Of Uncertainty In Software Developmentmentioning

confidence: 99%

“…The area of system dependability has produced a significant body of work describing how to model assurance cases (e.g., [4,5,14,38]), and how to assess reviewer's confidence in the argument being made (e.g., [16,31,45,59,60]). There is also early work on assessing the impact of change on the assurance argument when the system undergoes change [39].…”

Section: Introductionmentioning

confidence: 99%

Software Assurance in an Uncertain World

Chećhik

Salay

Viger

et al. 2019

Fundamental Approaches to Software Engineering

View full text Add to dashboard Cite

From financial services platforms to social networks to vehicle control, software has come to mediate many activities of daily life. Governing bodies and standards organizations have responded to this trend by creating regulations and standards to address issues such as safety, security and privacy. In this environment, the compliance of software development to standards and regulations has emerged as a key requirement. Compliance claims and arguments are often captured in assurance cases, with linked evidence of compliance. Evidence can come from testcases, verification proofs, human judgment, or a combination of these. That is, experts try to build (safety-critical) systems carefully according to well justified methods and articulate these justifications in an assurance case that is ultimately judged by a human. Yet software is deeply rooted in uncertainty; most complex open-world functionality (e.g., perception of the state of the world by a self-driving vehicle), is either not completely specifiable or it is not cost-effective to do so; software systems are often to be placed into uncertain environments, and there can be uncertainties that need to be We argue that the role of assurance cases is to be the grand unifier for software development, focusing on capturing and managing uncertainty. We discuss three approaches for arguing about safety and security of software under uncertainty, in the absence of fully sound and complete methods: assurance argument rigor, semantic evidence composition and applicability to new kinds of systems, specifically those relying on ML.

show abstract

Assuring Security through Attribute GSN

Cited by 16 publications

References 10 publications

Security assurance cases—state of the art of an emerging approach

Security assurance cases—state of the art of an emerging approach

An Evaluation of Quantitative Non-Functional Requirements Assurance Using ArchiMate

Software Assurance in an Uncertain World

Contact Info

Product

Resources

About