Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Prioritizing Countermeasures through the Countermeasure Method for Software Security (CM-Sec)
Responsible organisation
2010 (English)Conference paper, (Refereed) Published
Abstract [en]

Software security is an important quality aspect of a software system. Therefore, it is important to integrate software security touch points throughout the development life-cycle. So far, the focus of touch points in the early phases has been on the identification of threats and attacks. In this paper we propose a novel method focusing on the end product by prioritizing countermeasures. The method provides an extension to attack trees and a process for identification and prioritization of countermeasures. The approach has been applied on an open-source application and showed that countermeasures could be identified. Furthermore, an analysis of the effectiveness and cost-efficiency of the countermeasures could be provided.

Place, publisher, year, edition, pages
Limerick: Springer , 2010.
Keyword [en]
software security, vulnerabilities, attack trees, countermeasures
National Category
Software Engineering
Identifiers
URN: urn:nbn:se:bth-7793ISI: 000286415300015Local ID: oai:bth.se:forskinfoECE853A029D3AECEC125774C0038EA76ISBN: 978-3-642-13791-4 (print)OAI: oai:DiVA.org:bth-7793DiVA: diva2:835455
Conference
11th International Conference on Product-Focused Software Process Improvement, PROFES 2010
Note
Published in Springer Lecture Notes in Computer ScienceAvailable from: 2012-09-18 Created: 2010-06-24 Last updated: 2015-06-30Bibliographically approved

Open Access in DiVA

fulltext(1244 kB)78 downloads
File information
File name FULLTEXT01.pdfFile size 1244 kBChecksum SHA-512
f11bfc303f19ab022cbe37b1bf13532a035a610922e717f9a45e67f6902c10141df1e9baf63ee700563ff7845b92a565eb094254ba5f7f6a907d6bebb6e24a60
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Petersen, Kai
Software Engineering

Search outside of DiVA

GoogleGoogle Scholar
Total: 78 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 87 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf