Taxonomy Towards Application Security Metric Generation Using Attack Patterns
Attack patterns are an extension of design patterns in the context of application security, treating security as a functional requirement along with other requirements. An application security metric is a metric whose emphasis is on source code and its development environment, including patterns. This paper extends the prototype model that was proposed to generate metrics using attack patterns. In that model, a generic framework is recommended to generate new patterns along with the metric. The framework is extended with appropriate mathematical components and elements. The mathematical work is related to extended finite state machines and temporal logic.