[Context and motivation] In the development of secure software, work on requirements and on architecture need to be closely intertwined, because possible threats and the chosen architecture depend on each other mutually. [Question/problem] Nevertheless, most security requirement techniques do not take architecture into account. The transition from security requirements to secure architectures is left to security experts and software developers, excluding domain experts and other groups of stakeholders from discussions of threats, vulnerabilities and mitigations in an architectural context. [Principal idea/results] The paper introduces misuse case maps, a new modelling technique that is the anti-behavioural complement to use case maps. The purpose of the new technique is to visualize how cyber attacks are performed in an architectural context. [Contribution] The paper investigates what a misuse case map notation might look like. A preliminary evaluation suggests that misuse case maps may indeed make it easier for less experienced stakeholders to gain an understanding of multi-stage intrusion scenarios.



Title: Visualizing Cyber Attacks with Misuse Case Maps
Authors: P. Karpati, G. Sindre and A.L. Opdahl
Type: Conference
Conference/Journal Title: 16th Int. Working Conf. on Requirements Engineering: Foundation for Software Quality (REFSQ 2010)
Volume/Number: LNCS 6182
Publisher: Springer
Month: June
Year: 2010
Pages: 262-275
DOI: 10.1007/978-3-642-14192-8_24
Keywords: security, requirements elicitation, misuse case, use case map, misuse case map
Topic revision: r1 - 05 Jul 2010, DanielAmyot