Shamal Faily
Tool-supported premortems with attack and security patterns.
Faily, Shamal; Lyle, John; Parkin, Simon
Authors
John Lyle
Simon Parkin
Abstract
Security patterns are a useful technique for packaging and applying security knowledge. However, because patterns represent partial knowledge of a problem and solution space, there is little certainty that addressing the consequences of one problem won't introduce or exacerbate another. In this abstract, we suggest that rather than using patterns exclusively to explore possible solutions to security problems, we should use them to carry out a premortem on why they instead cause problems. We present the approach taken to devise and tool-support such a process using data from the EU FP 7 webinos project.
Citation
FAILY, S., LYLE, J. and PARKIN, S. 2012. Tool-supported premortems with attack and security patterns. In Proceedings of the 1st International workshop on cyberpatterns (Cyberpatterns 2012): unifying design patterns with security, attack and forensic patterns, 9-10 July 2012, Abingdon, UK. Oxford: Oxford Brookes University, pages 10-11.
Conference Name | 1st International workshop on cyberpatterns (Cyberpatterns 2012): unifying design patterns with security, attack and forensic patterns |
---|---|
Conference Location | Abingdon, UK |
Start Date | Jul 9, 2012 |
End Date | Jul 10, 2012 |
Acceptance Date | Jul 9, 2012 |
Publication Date | Jul 9, 2012 |
Deposit Date | Dec 15, 2021 |
Publicly Available Date | Mar 29, 2024 |
Publisher | Oxford Brookes University |
Pages | 10-11 |
Keywords | Systems security; Security risk analysis; Security patterns; Attack patterns; Hacking; Software engineering; Computer aided integration of requirements and information security (CAIRIS) |
Public URL | https://rgu-repository.worktribe.com/output/1427777 |
Files
FAILY 2012 Tool-supported premortems with attack
(778 Kb)
PDF
You might also like
Programming language evaluation criteria for safety-critical software in the air domain.
(2022)
Conference Proceeding
Privacy goals for the data lifecycle.
(2022)
Journal Article
Automation and cyber security risks on the railways: the human factors implications.
(2022)
Presentation / Conference
Integrated design framework for facilitating systems-theoretic process analysis.
(2022)
Conference Proceeding
Cybersecurity user requirements analysis: the ECHO approach.
(2022)
Conference Proceeding
Downloadable Citations
About OpenAIR@RGU
Administrator e-mail: publications@rgu.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search