Using concept maps to introduce software security assurance cases
Dallas Snider, John Coffey, Thomas Reichherzer, Norman Wilde, Chris Terry, Joe Vandeville, Allison Heinen and Sarah Pramanik
CrossTalk: The Journal of Defense Software Engineering, Vol.27, pp.4-9
2014
Abstract
To improve the security of software systems, we need to improve the software development processes used to produce them. Software security assurance cases have been proposed as a way of establishing security properties of software at different phases of the software development lifecycle; however, these assurance cases are difficult to write, communicate and introduce into an already burdened software development process. We evaluated a team-based, knowledge engineering approach to introduce software security assurance cases to neophytes through the utilization of concept maps. This approach allowed the study’s participants to engage in conversations with security experts about security requirements for their software and with knowledge engineers to construct concept maps demonstrating how their software met the requirements. Our survey results and feedback show great promise for our method to be effective and efficient for disseminating knowledge about software security to new hires and students, which in turn would make them cognizant of the security requirements in their organization.
Details
Resource Type
Journal article
Publisher
U.S. Department of Defense * Software Technology Support Center; United States
Series
27
Identifiers
99380090351306600
Academic Unit
Computer Science; Hal Marcus College of Science and Engineering