How to Develop Security Case by Combining Real Life Security Experiences (Evidence) with D-case

“…The resulting cases have separate top claims for safety and security followed by separate argumentation; (iv) dynamic assurance cases (Calinescu et al 2017), an approach for generating arguments and evidence based on run-time patterns for the assurance cases of self-adaptive systems; (v) multiple viewpoint assurance cases where security is treated as an assurance viewpoint (Sljivo and Gallina 2016). The approach suggests to reuse AC artefacts by building multipleviewpoint AC using contracts, and introduces an algorithm for a model transformation from a contract meta model into an argumentation meta model; and (vi) dependability cases with focus on security (Patu and Yamamoto 2013a). -Documenting and visualizing SAC: These studies give guidelines of how to document a SAC, and visualize it (Poreddy and Corns 2011;Coffey et al 2014;Weinstock et al 2007).…”

“…For instance, different approaches which integrate SAC within the development life-cycle use different argumentation strategies (e.g., requirements Agudo et al 2009 and development phases Ray and Cleaveland 2015). The most common strategy depends on the output of a threat, vulnerability, asset or risk analysis (8 papers) (Cockram and Lautieri 2007;Coffey et al 2014;Cyra and Gorski 2007;Mohammadi et al 2018;Patu and Yamamoto 2013a;Vivas et al 2011;Xu et al 2017;Weinstock et al 2007). Other popular strategies are breaking down the claims based on the requirements or more specifically quality requirements and even more specifically security requirements (5 papers) (Agudo et al 2009;Calinescu et al 2017;Haley et al 2005;Netkachova et al 2015;Sklyar and Kharchenko 2017b), and arguing based on security properties, e.g., confidentiality, integrity and availability (5 papers) (Chindamaikul et al 2014;Finnegan and McCaffery 2014a;Mohammadi et al 2018;Poreddy and Corns 2011;Sklyar and Kharchenko 2017b).…”

“…The most common types of evidence reported in literature are test results (TR) (12 papers) (Ben Othmane and Ali 2016; Calinescu et al 2017;Cheah et al 2018;Chindamaikul et al 2014;Lipson and Weinstock 2008;Poreddy and Corns 2011;Shortt and Weber 2015;Sklyar and Kharchenko 2016, 2017a, b, 2019Sljivo and Gallina 2016) and different types of analysis. These analysis include threat and vulnerability (TVA) (Cockram and Lautieri 2007;McCaffery 2014a, b, Patu andYamamoto 2013a), code (CA) and bug (BA) (Chindamaikul et al 2014;Ben Othmane and Ali 2016;Sklyar and Kharchenko 2016, 2017a, b, 2019, security standards and policies (PA) (Agudo et al 2009;Netkachova et al 2015), risk (RA) (Mohammadi et al 2018), and log analysis (LA) (Mohammadi et al 2018;Patu and Yamamoto 2013a). Cheah et al (2018) present a classification of security test results using security severity ratings.…”

“…Other types of evidence reported in literature include process documents (PD) (Lipson and Weinstock 2008), design techniques (DT) (Mohammadi et al 2018), and security awareness and training (SA) (Patu and Yamamoto 2013a;Lipson and Weinstock 2008;Weinstock et al 2007). Lipson and Weinstock (2008) describe how to understand, gather, and generate multiple kinds of evidence that can contribute to building SAC.…”

“…There are 17 reported prerequisites. The majority belong to approaches (11) (Chindamaikul et al 2014;Cockram and Lautieri 2007;Cyra and Gorski 2007;Hawkins et al 2015;Patu and Yamamoto 2013a;Ankrum and Kromholz 2005;Cheah et al 2018;Sljivo and Gallina 2016;Tippenhauer et al 2014;Vivas et al 2011;Xu et al 2017) while the remaining ones belong to usage scenarios (2) (Bloomfield et al 2017;Goodger et al 2012), patterns (2) (Patu and Yamamoto 2013b;He and Johnson 2012), and tools (1) (Gacek et al 2014). We categorize prerequisites as follows: The studies in this category require the existence or performing certain analysis and models to achieve their purpose.…”

Security assurance cases—state of the art of an emerging approach

“…The resulting cases have separate top claims for safety and security followed by separate argumentation; (iv) dynamic assurance cases (Calinescu et al 2017), an approach for generating arguments and evidence based on run-time patterns for the assurance cases of self-adaptive systems; (v) multiple viewpoint assurance cases where security is treated as an assurance viewpoint (Sljivo and Gallina 2016). The approach suggests to reuse AC artefacts by building multipleviewpoint AC using contracts, and introduces an algorithm for a model transformation from a contract meta model into an argumentation meta model; and (vi) dependability cases with focus on security (Patu and Yamamoto 2013a). -Documenting and visualizing SAC: These studies give guidelines of how to document a SAC, and visualize it (Poreddy and Corns 2011;Coffey et al 2014;Weinstock et al 2007).…”

“…For instance, different approaches which integrate SAC within the development life-cycle use different argumentation strategies (e.g., requirements Agudo et al 2009 and development phases Ray and Cleaveland 2015). The most common strategy depends on the output of a threat, vulnerability, asset or risk analysis (8 papers) (Cockram and Lautieri 2007;Coffey et al 2014;Cyra and Gorski 2007;Mohammadi et al 2018;Patu and Yamamoto 2013a;Vivas et al 2011;Xu et al 2017;Weinstock et al 2007). Other popular strategies are breaking down the claims based on the requirements or more specifically quality requirements and even more specifically security requirements (5 papers) (Agudo et al 2009;Calinescu et al 2017;Haley et al 2005;Netkachova et al 2015;Sklyar and Kharchenko 2017b), and arguing based on security properties, e.g., confidentiality, integrity and availability (5 papers) (Chindamaikul et al 2014;Finnegan and McCaffery 2014a;Mohammadi et al 2018;Poreddy and Corns 2011;Sklyar and Kharchenko 2017b).…”

“…The most common types of evidence reported in literature are test results (TR) (12 papers) (Ben Othmane and Ali 2016; Calinescu et al 2017;Cheah et al 2018;Chindamaikul et al 2014;Lipson and Weinstock 2008;Poreddy and Corns 2011;Shortt and Weber 2015;Sklyar and Kharchenko 2016, 2017a, b, 2019Sljivo and Gallina 2016) and different types of analysis. These analysis include threat and vulnerability (TVA) (Cockram and Lautieri 2007;McCaffery 2014a, b, Patu andYamamoto 2013a), code (CA) and bug (BA) (Chindamaikul et al 2014;Ben Othmane and Ali 2016;Sklyar and Kharchenko 2016, 2017a, b, 2019, security standards and policies (PA) (Agudo et al 2009;Netkachova et al 2015), risk (RA) (Mohammadi et al 2018), and log analysis (LA) (Mohammadi et al 2018;Patu and Yamamoto 2013a). Cheah et al (2018) present a classification of security test results using security severity ratings.…”

“…Other types of evidence reported in literature include process documents (PD) (Lipson and Weinstock 2008), design techniques (DT) (Mohammadi et al 2018), and security awareness and training (SA) (Patu and Yamamoto 2013a;Lipson and Weinstock 2008;Weinstock et al 2007). Lipson and Weinstock (2008) describe how to understand, gather, and generate multiple kinds of evidence that can contribute to building SAC.…”

“…There are 17 reported prerequisites. The majority belong to approaches (11) (Chindamaikul et al 2014;Cockram and Lautieri 2007;Cyra and Gorski 2007;Hawkins et al 2015;Patu and Yamamoto 2013a;Ankrum and Kromholz 2005;Cheah et al 2018;Sljivo and Gallina 2016;Tippenhauer et al 2014;Vivas et al 2011;Xu et al 2017) while the remaining ones belong to usage scenarios (2) (Bloomfield et al 2017;Goodger et al 2012), patterns (2) (Patu and Yamamoto 2013b;He and Johnson 2012), and tools (1) (Gacek et al 2014). We categorize prerequisites as follows: The studies in this category require the existence or performing certain analysis and models to achieve their purpose.…”

Security assurance cases—state of the art of an emerging approach

Trustworthiness Cases – Toward Preparation for the Trustworthiness Certification

Mobile Security Assurance for Automotive Software Through ArchiMate