Modeling security attacks with statecharts

Omar A. El Ariss, Dianxiang Xu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Scopus citations

Abstract

Software security is becoming a key quality concern as software applications are increasingly being used in untrustworthy computing environments such as the internet. Software is designed with the mindset of its functionalities and cost, where the focus is on the operational behavior while security concerns are neglected or marginally considered. As a result, software engineers build the software while lacking the knowledge about security and its effect on the system. This paper presents an approach for modeling the behavior of security threats using statecharts. The proposed approach introduces modular design for representing threats through the use of components and reusability. Through the focus on the behavior of an attack, software engineers can clearly define and understand security concerns as the application is being designed and developed. In addition, modeling security threats with statecharts makes it convenient to build a consistent semantic link between functional behaviors and security concerns.

Original languageEnglish (US)
Title of host publicationCompArch'11 - Proceedings of the 2011 Federated Events on Component-Based Software Engineering and Software Architecture - QoSA+ISARCS'11
Pages123-132
Number of pages10
DOIs
StatePublished - Jul 25 2011
Event7th Int. ACM SIGSOFT Conf. on the Quality of Software Archit., QoSA 2011 and the 2nd ACM SIGSOFT Int. Symp. on Archit. Critical Syst., ISARCS 2011, Part of the 2011 Federated Events on Component-Based Software Eng. and Software Archit., CompArch'11 - Boulder, CO, United States
Duration: Jun 20 2011Jun 24 2011

Other

Other7th Int. ACM SIGSOFT Conf. on the Quality of Software Archit., QoSA 2011 and the 2nd ACM SIGSOFT Int. Symp. on Archit. Critical Syst., ISARCS 2011, Part of the 2011 Federated Events on Component-Based Software Eng. and Software Archit., CompArch'11
CountryUnited States
CityBoulder, CO
Period6/20/116/24/11

All Science Journal Classification (ASJC) codes

  • Hardware and Architecture
  • Software

Fingerprint Dive into the research topics of 'Modeling security attacks with statecharts'. Together they form a unique fingerprint.

  • Cite this

    El Ariss, O. A., & Xu, D. (2011). Modeling security attacks with statecharts. In CompArch'11 - Proceedings of the 2011 Federated Events on Component-Based Software Engineering and Software Architecture - QoSA+ISARCS'11 (pp. 123-132) https://doi.org/10.1145/2000259.2000281