A goal-based modeling approach to develop security requirements of fault tolerant security-critical systems

A goal-based modeling approach to develop security requirements of fault tolerant security-critical systems

Large amount of (security) faults existing in software systems could be complex and hard to identify during the fault analysis. So, it is not always possible to fully mitigate the internal or external security faults (vulnerabilities or threats) within the system. On the other hand, existence of fau...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Mougouei, D., Moghtadaei, M., Moradmand, S.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Analytical models
Computational modeling
Fault diagnosis
Fault tolerance
Fault tolerant systems
intrusion tolerance
Security
security fault
threat
Unified modeling language
vulnerability
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 205
container_issue
container_start_page 200
container_title
container_volume
creator Mougouei, D.
Moghtadaei, M.
Moradmand, S.
description Large amount of (security) faults existing in software systems could be complex and hard to identify during the fault analysis. So, it is not always possible to fully mitigate the internal or external security faults (vulnerabilities or threats) within the system. On the other hand, existence of faults in the system may eventually lead to a security failure. To avoid security failure of the target system we need to make it flexible and tolerant in the presence of security faults. This paper introduces a goal-based modeling approach to develop security requirements of security-critical systems (SCSs) by explicitly factoring the faults into the requirement engineering process. Our approach establishes a model for security requirements (SRM) with respect to the formally described model of security faults (SFM). We care for fault tolerance in SRM by taking into consideration partial satisfaction of security goals. The proposed approach factors this partiality into the goals by applying proper mitigation techniques during the refinement process. This eventually contributes to a fault tolerant model for security requirements of the target system.
doi_str_mv 10.1109/ICCCE.2012.6271180
format Conference Proceeding
fullrecord <record><control><sourceid>ieee_6IE</sourceid><recordid>TN_cdi_ieee_primary_6271180</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>6271180</ieee_id><sourcerecordid>6271180</sourcerecordid><originalsourceid>FETCH-LOGICAL-c1830-ed03aaa66d25f170578b745930087845243ef7f5904cba750ff5a035c2f90a673</originalsourceid><addsrcrecordid>eNpFUFFLwzAYjIigzv0Bfckf6PzSJE36OMp0g4Ev-jy-pl9mNV1r0gn79xYceg93HBwHd4zdC1gIAeXjpqqq1SIHkS-K3Ahh4YLdClUYCcqU6vLf2OKazVP6gAnGCrDyhn0u-b7HkNWYqOFd31BoD3uOwxB7dO987HlD3xT6gSdyx9iOJx7p69hG6ugwJt577vEYxikZKOJh_MtlbuLWYeDplEbq0h278hgSzc86Y29Pq9dqnW1fnjfVcps5YSVk1IBExKJocu2FAW1sbZQuJYA1VulcSfLG6xKUq9Fo8F4jSO1yXwJOU2fs4be3JaLdENsO42l3Pkf-AKWtWeo</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>A goal-based modeling approach to develop security requirements of fault tolerant security-critical systems</title><source>IEEE Electronic Library (IEL) Conference Proceedings</source><creator>Mougouei, D. ; Moghtadaei, M. ; Moradmand, S.</creator><creatorcontrib>Mougouei, D. ; Moghtadaei, M. ; Moradmand, S.</creatorcontrib><description>Large amount of (security) faults existing in software systems could be complex and hard to identify during the fault analysis. So, it is not always possible to fully mitigate the internal or external security faults (vulnerabilities or threats) within the system. On the other hand, existence of faults in the system may eventually lead to a security failure. To avoid security failure of the target system we need to make it flexible and tolerant in the presence of security faults. This paper introduces a goal-based modeling approach to develop security requirements of security-critical systems (SCSs) by explicitly factoring the faults into the requirement engineering process. Our approach establishes a model for security requirements (SRM) with respect to the formally described model of security faults (SFM). We care for fault tolerance in SRM by taking into consideration partial satisfaction of security goals. The proposed approach factors this partiality into the goals by applying proper mitigation techniques during the refinement process. This eventually contributes to a fault tolerant model for security requirements of the target system.</description><identifier>ISBN: 1467304786</identifier><identifier>ISBN: 9781467304788</identifier><identifier>EISBN: 1467304794</identifier><identifier>EISBN: 1467304778</identifier><identifier>EISBN: 9781467304771</identifier><identifier>EISBN: 9781467304795</identifier><identifier>DOI: 10.1109/ICCCE.2012.6271180</identifier><language>eng</language><publisher>IEEE</publisher><subject>Analytical models ; Computational modeling ; Fault diagnosis ; Fault tolerance ; Fault tolerant systems ; intrusion tolerance ; Security ; security fault ; threat ; Unified modeling language ; vulnerability</subject><ispartof>2012 International Conference on Computer and Communication Engineering (ICCCE), 2012, p.200-205</ispartof><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c1830-ed03aaa66d25f170578b745930087845243ef7f5904cba750ff5a035c2f90a673</citedby></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/6271180$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,780,784,789,790,2057,27924,54919</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/6271180$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Mougouei, D.</creatorcontrib><creatorcontrib>Moghtadaei, M.</creatorcontrib><creatorcontrib>Moradmand, S.</creatorcontrib><title>A goal-based modeling approach to develop security requirements of fault tolerant security-critical systems</title><title>2012 International Conference on Computer and Communication Engineering (ICCCE)</title><addtitle>ICCCE</addtitle><description>Large amount of (security) faults existing in software systems could be complex and hard to identify during the fault analysis. So, it is not always possible to fully mitigate the internal or external security faults (vulnerabilities or threats) within the system. On the other hand, existence of faults in the system may eventually lead to a security failure. To avoid security failure of the target system we need to make it flexible and tolerant in the presence of security faults. This paper introduces a goal-based modeling approach to develop security requirements of security-critical systems (SCSs) by explicitly factoring the faults into the requirement engineering process. Our approach establishes a model for security requirements (SRM) with respect to the formally described model of security faults (SFM). We care for fault tolerance in SRM by taking into consideration partial satisfaction of security goals. The proposed approach factors this partiality into the goals by applying proper mitigation techniques during the refinement process. This eventually contributes to a fault tolerant model for security requirements of the target system.</description><subject>Analytical models</subject><subject>Computational modeling</subject><subject>Fault diagnosis</subject><subject>Fault tolerance</subject><subject>Fault tolerant systems</subject><subject>intrusion tolerance</subject><subject>Security</subject><subject>security fault</subject><subject>threat</subject><subject>Unified modeling language</subject><subject>vulnerability</subject><isbn>1467304786</isbn><isbn>9781467304788</isbn><isbn>1467304794</isbn><isbn>1467304778</isbn><isbn>9781467304771</isbn><isbn>9781467304795</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2012</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><sourceid>RIE</sourceid><recordid>eNpFUFFLwzAYjIigzv0Bfckf6PzSJE36OMp0g4Ev-jy-pl9mNV1r0gn79xYceg93HBwHd4zdC1gIAeXjpqqq1SIHkS-K3Ahh4YLdClUYCcqU6vLf2OKazVP6gAnGCrDyhn0u-b7HkNWYqOFd31BoD3uOwxB7dO987HlD3xT6gSdyx9iOJx7p69hG6ugwJt577vEYxikZKOJh_MtlbuLWYeDplEbq0h278hgSzc86Y29Pq9dqnW1fnjfVcps5YSVk1IBExKJocu2FAW1sbZQuJYA1VulcSfLG6xKUq9Fo8F4jSO1yXwJOU2fs4be3JaLdENsO42l3Pkf-AKWtWeo</recordid><startdate>201207</startdate><enddate>201207</enddate><creator>Mougouei, D.</creator><creator>Moghtadaei, M.</creator><creator>Moradmand, S.</creator><general>IEEE</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>201207</creationdate><title>A goal-based modeling approach to develop security requirements of fault tolerant security-critical systems</title><author>Mougouei, D. ; Moghtadaei, M. ; Moradmand, S.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c1830-ed03aaa66d25f170578b745930087845243ef7f5904cba750ff5a035c2f90a673</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2012</creationdate><topic>Analytical models</topic><topic>Computational modeling</topic><topic>Fault diagnosis</topic><topic>Fault tolerance</topic><topic>Fault tolerant systems</topic><topic>intrusion tolerance</topic><topic>Security</topic><topic>security fault</topic><topic>threat</topic><topic>Unified modeling language</topic><topic>vulnerability</topic><toplevel>online_resources</toplevel><creatorcontrib>Mougouei, D.</creatorcontrib><creatorcontrib>Moghtadaei, M.</creatorcontrib><creatorcontrib>Moradmand, S.</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Electronic Library (IEL)</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Mougouei, D.</au><au>Moghtadaei, M.</au><au>Moradmand, S.</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>A goal-based modeling approach to develop security requirements of fault tolerant security-critical systems</atitle><btitle>2012 International Conference on Computer and Communication Engineering (ICCCE)</btitle><stitle>ICCCE</stitle><date>2012-07</date><risdate>2012</risdate><spage>200</spage><epage>205</epage><pages>200-205</pages><isbn>1467304786</isbn><isbn>9781467304788</isbn><eisbn>1467304794</eisbn><eisbn>1467304778</eisbn><eisbn>9781467304771</eisbn><eisbn>9781467304795</eisbn><abstract>Large amount of (security) faults existing in software systems could be complex and hard to identify during the fault analysis. So, it is not always possible to fully mitigate the internal or external security faults (vulnerabilities or threats) within the system. On the other hand, existence of faults in the system may eventually lead to a security failure. To avoid security failure of the target system we need to make it flexible and tolerant in the presence of security faults. This paper introduces a goal-based modeling approach to develop security requirements of security-critical systems (SCSs) by explicitly factoring the faults into the requirement engineering process. Our approach establishes a model for security requirements (SRM) with respect to the formally described model of security faults (SFM). We care for fault tolerance in SRM by taking into consideration partial satisfaction of security goals. The proposed approach factors this partiality into the goals by applying proper mitigation techniques during the refinement process. This eventually contributes to a fault tolerant model for security requirements of the target system.</abstract><pub>IEEE</pub><doi>10.1109/ICCCE.2012.6271180</doi><tpages>6</tpages><oa>free_for_read</oa></addata></record>
fulltext fulltext_linktorsrc
identifier ISBN: 1467304786
ispartof 2012 International Conference on Computer and Communication Engineering (ICCCE), 2012, p.200-205
issn
language eng
recordid cdi_ieee_primary_6271180
source IEEE Electronic Library (IEL) Conference Proceedings
subjects Analytical models
Computational modeling
Fault diagnosis
Fault tolerance
Fault tolerant systems
intrusion tolerance
Security
security fault
threat
Unified modeling language
vulnerability
title A goal-based modeling approach to develop security requirements of fault tolerant security-critical systems
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-09T05%3A40%3A08IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=A%20goal-based%20modeling%20approach%20to%20develop%20security%20requirements%20of%20fault%20tolerant%20security-critical%20systems&rft.btitle=2012%20International%20Conference%20on%20Computer%20and%20Communication%20Engineering%20(ICCCE)&rft.au=Mougouei,%20D.&rft.date=2012-07&rft.spage=200&rft.epage=205&rft.pages=200-205&rft.isbn=1467304786&rft.isbn_list=9781467304788&rft_id=info:doi/10.1109/ICCCE.2012.6271180&rft_dat=%3Cieee_6IE%3E6271180%3C/ieee_6IE%3E%3Curl%3E%3C/url%3E&rft.eisbn=1467304794&rft.eisbn_list=1467304778&rft.eisbn_list=9781467304771&rft.eisbn_list=9781467304795&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=6271180&rfr_iscdi=true