Change search
ReferencesLink to record
Permanent link

Direct link
Prioritizing Countermeasures through the Countermeasure Method for Software Security (CM-Sec)
Responsible organisation
2010 (English)Conference paper (Refereed) Published
Abstract [en]

Software security is an important quality aspect of a software system. Therefore, it is important to integrate software security touch points throughout the development life-cycle. So far, the focus of touch points in the early phases has been on the identification of threats and attacks. In this paper we propose a novel method focusing on the end product by prioritizing countermeasures. The method provides an extension to attack trees and a process for identification and prioritization of countermeasures. The approach has been applied on an open-source application and showed that countermeasures could be identified. Furthermore, an analysis of the effectiveness and cost-efficiency of the countermeasures could be provided.

Place, publisher, year, edition, pages
Limerick: Springer , 2010.
Keyword [en]
software security, vulnerabilities, attack trees, countermeasures
National Category
Software Engineering
URN: urn:nbn:se:bth-7793ISI: 000286415300015Local ID: 978-3-642-13791-4OAI: diva2:835455
11th International Conference on Product-Focused Software Process Improvement, PROFES 2010
Published in Springer Lecture Notes in Computer ScienceAvailable from: 2012-09-18 Created: 2010-06-24 Last updated: 2015-06-30Bibliographically approved

Open Access in DiVA

fulltext(1244 kB)32 downloads
File information
File name FULLTEXT01.pdfFile size 1244 kBChecksum SHA-512
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Petersen, Kai
Software Engineering

Search outside of DiVA

GoogleGoogle Scholar
Total: 32 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 54 hits
ReferencesLink to record
Permanent link

Direct link