Analysing Security Requirements Formally and Flexibly Based on Suspicion

Executive Summary

Increasingly, engineers need to approach security and software engineering in a unified way. This paper presents an approach to the formal analysis of security requirements that is based on model checking and uses the concept of suspicion to guide the search for threats and vulnerabilities in requirements. Rather than attempting an ironclad proof that a system is secure, the approach favours exploring the parts of a system's state space that look abnormal or suspicious in order to find threats and vulnerabilities; as the paper shows, such security proofs can often be misleading.
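To make the contrast concrete, the following is an added illustration (not code from the paper, and not its model or tool) of suspicion-guided exploration of a requirements-level state space. The model is a constructed toy: an account with login, lockout after three failed attempts, and a password-reset link whose requirement, as written, says nothing about locked accounts. The security requirement checked is "a locked account never holds an authenticated session". The suspicion score, the lockout threshold and every state name are assumptions made for this example. The same search routine runs once ordered by suspicion and once as plain breadth-first search, so the reader can compare how many states each explores before reaching the violating state.

```python
import heapq
from collections import namedtuple

# Constructed example: a requirements-level model of account login and password reset.
# This is NOT the paper's model or tool; it illustrates suspicion-guided state-space
# exploration against plain breadth-first exploration on a toy state machine.
State = namedtuple("State", "auth failed locked reset pw_changed")

LOCKOUT_THRESHOLD = 3  # assumed requirement: lock the account after 3 failed logins


def successors(s):
    """Enumerate (action, next_state) pairs permitted by the requirements as written."""
    out = []
    if not s.auth and not s.locked:
        nf = s.failed + 1
        out.append(("login_fail", s._replace(failed=nf, locked=nf >= LOCKOUT_THRESHOLD)))
        out.append(("login_ok", s._replace(auth=True, failed=0)))
    if s.auth:
        out.append(("logout", s._replace(auth=False)))
    if not s.reset:
        out.append(("request_reset", s._replace(reset=True)))
    else:
        # Requirement as written (assumed): "a valid reset link signs the user in with
        # the new password." It says nothing about locked accounts, so the model allows it.
        out.append(("use_reset", s._replace(auth=True, reset=False, pw_changed=True)))
    if s.locked:
        out.append(("admin_unlock", s._replace(failed=0, locked=False)))
    return out


def violates(s):
    """Security requirement under test: a locked account never holds an authenticated session."""
    return s.auth and s.locked


def suspicion(s):
    """Heuristic: how abnormal does this state look? Higher scores are explored first."""
    score = s.failed                               # repeated failed logins
    score += 2 if s.locked else 0                  # lockout is an exceptional condition
    score += 1 if (s.locked and s.reset) else 0    # reset flow started on a locked account
    return score


def explore(start, priority, max_states=10_000):
    """Best-first search ordered by `priority`; with a constant priority it degenerates
    to breadth-first search. Returns (action path to a violating state or None,
    number of states expanded)."""
    if violates(start):
        return [], 0
    counter = 0                                   # tie-breaker keeps insertion order
    frontier = [(-priority(start), counter, start, [])]
    seen = {start}
    expanded = 0
    while frontier and expanded < max_states:
        _, _, s, path = heapq.heappop(frontier)
        expanded += 1
        for action, nxt in successors(s):
            if violates(nxt):
                return path + [action], expanded  # counterexample trace
            if nxt not in seen:
                seen.add(nxt)
                counter += 1
                heapq.heappush(frontier, (-priority(nxt), counter, nxt, path + [action]))
    return None, expanded


def initial_state():
    return State(auth=False, failed=0, locked=False, reset=False, pw_changed=False)


def search_model(guided):
    """Run the search suspicion-guided (guided=True) or breadth-first (guided=False)."""
    return explore(initial_state(), suspicion if guided else (lambda s: 0))


def replay(path):
    """Apply an action path from the initial state and return the final state."""
    s = initial_state()
    for action in path:
        s = dict(successors(s))[action]
    return s


if __name__ == "__main__":
    for guided in (True, False):
        path, n = search_model(guided)
        print("suspicion-guided" if guided else "breadth-first", n, "states expanded ->", path)
```

Both searches reach the same kind of counterexample (lock the account by failing logins, then use a reset link to obtain an authenticated session on the locked account), but the suspicion-ordered run expands only the handful of states that carry abnormal facts, whereas breadth-first search sweeps the normal login and logout states first. On a toy model the difference is small; the point is that the ordering, not exhaustiveness, is what brings the abnormal path to the front.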

  • Format: PDF
  • Size: 542.3 KB