The idea of security aware system development from the start of the engineering process is generally accepted nowadays and is becoming applied in practice. Many recent initiatives support this idea with special focus on security requirements elicitation. However, there are so far no techniques that provide integrated overviews of security threats and system architecture. One way to achieve this is by combining misuse cases with use case maps into misuse case maps (MUCM). This paper presents an experimental evaluation of MUCM diagrams focusing on identification of vulnerabilities and mitigations. The controlled experiment with 33 IT students included a complex hacker intrusion from the literature, illustrated either with MUCM or with alternative diagrams. The results suggest that participants using MUCM found significantly more mitigations than participants using regular misuse cases combined with system architecture diagrams.

-- DanielAmyot - 15 Feb 2012


  • Please feel free to discuss this article directly on this page. Constructive comments are welcomed! Please sign your TWiki name.

FormForVirtualLibrary edit

Title Experimental Comparison of Misuse Case Maps with Misuse Cases and System Architecture Diagrams for Eliciting Security Vulnerabilities and Mitigations
Authors P. Karpati, A.L. Opdahl, and G. Sindre
Type Conference
Conference/Journal Title Sixth Int. Conf. on Availability, Reliability and Security (ARES 2011)
Publisher IEEE CS
Month August
Year 2011
Pages 507-514
DOI 10.1109/ARES.2011.77
Keywords security requirements, intrusion analysis, architectural view, misuse cases, misuse case maps, MUCM, controlled experiment
Topic revision: r1 - 15 Feb 2012, DanielAmyot
This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding Foswiki? Send feedback