A framework for security driven software evolution

Author

Hui Guan ; Xuan Wang ; Hongji Yang

Author_Institution

Sch. of Comput. Sci. & Technol., Shenyang Univ. of Chem. Technol., Shenyang, China

fYear

2014

fDate

12-13 Sept. 2014

Firstpage

194

Lastpage

199

Abstract

Security has become a key non-functional requirement in the modern software system. The need to improve the security level for legacy systems is equally important as that for new designed systems. However, how to integrate security engineering into legacy system is sometimes very difficult. After examining the current literature on security improvement, this paper proposes a framework for enhancing security for legacy system from software evolution perspective using a model driven approach. It starts from understanding and extracting models from legacy source code. Security requirements are elicited through analysing security risks and satisfied by integrating security patterns with the support of the proposed security ontology. The proposed framework in this paper provides a comprehensive approach allowing the designer to be guided through the process of security oriented evolution.

Keywords

ontologies (artificial intelligence); risk management; security of data; software maintenance; source code (software); comprehensive approach; legacy source code; legacy systems; model driven approach; nonfunctional requirement; security driven software evolution framework; security engineering integration; security level improvement; security ontology; security pattern integration; security requirements; security risk analysis; software system; Aging; Context; Object oriented modeling; Ontologies; Security; Software; Unified modeling language; model driven; ontolog; security pattern; security requirment; software evolution;

fLanguage

English

Publisher

ieee

Conference_Titel

Automation and Computing (ICAC), 2014 20th International Conference on

Conference_Location

Cranfield

Type

conf

DOI

10.1109/IConAC.2014.6935485

Filename

6935485