Til hovedinnhold

Evaluation of the CORAL Approach for Risk-driven Security Testing based on an Industrial Case Study

Evaluation of the CORAL Approach for Risk-driven Security Testing based on an Industrial Case Study

Kategori
Del av bok/rapport
Sammendrag
The CORAL approach is a model-based method to security testing employing risk assessment to help security testers select and design test cases based on the available risk picture. In this paper we present experiences from using CORAL in an industrial case. The results indicate that CORAL supports security testers in producing risk models that are valid and threat scenarios that are directly testable. This, in turn, helps testers to select and design test cases according to the most severe security risks posed on the system under test.
Oppdragsgiver
  • Norges forskningsråd / 201579
  • Norges forskningsråd / 236657
Språk
Engelsk
Forfatter(e)
Institusjon(er)
  • SINTEF IKT / Nettbaserte systemer og tjenester
  • Universitetet i Oslo
  • Diverse norske bedrifter og organisasjoner
År
2016
Forlag
SciTePress
Bok
Proceedings of the 2nd International Conference on Information Systems Security and Privacy, ICISSP 2016, February 19-21, 2016, in Rome, Italy
ISBN
978-989-758-167-0
Side(r)
219 - 226