Date Added: Apr 2012
Unlike for functional implementations, it is difficult to analyze the security impact of software enhancements. One difficulty is identifying the range of effects that new security threats have on existing software; the other is developing proper countermeasures. The authors propose an analysis method that uses two kinds of security patterns: security requirements patterns for identifying threats and security design patterns for identifying countermeasures at an action class level. With these two kinds of patterns and the conventional traceability methodology, developers can estimate and compare the amount of modification needed for multiple security countermeasures.