Evolution of Security Engineering Artifacts: A State of the Art Survey

Abstract

Security is an important quality aspect of modern open software systems. However, it is challenging to keep such systems secure because of evolution. Security evolution can only be managed adequately if it is considered for all artifacts throughout the software development lifecycle. This article provides state of the art on the evolution of security engineering artifacts. The article covers the state of the art on evolution of security requirements, security architectures, secure code, security tests, security models, and security risks as well as security monitoring. For each of these artifacts the authors give an overview of evolution and security aspects and discuss the state of the art on its security evolution in detail. Based on this comprehensive survey, they summarize key issues and discuss directions of future research.

Language

English

Author(s)

Michael Felderer
Basel Katt
Philipp Kalb
Jan Jürjens
Martín Ochoa
Federica Paci
Le Minh Sang Tran
Thein Than Tun
Koen Yskout
Riccardo Scandariato
Frank Piessens
Dries Vanoverberghe
Elizabeta Fourneret
Matthias Gander
Bjørnar Solhaug
Ruth Breu

Affiliation

SINTEF Digital / Sustainable Communication Technologies
UC Leuven-Limburg
University of Trento
University of Luxembourg
The Open University
Technical University of Munich
TU Dortmund
University of Innsbruck

Year

2014

Published in

International Journal of Secure Software Engineering (IJSSE)

ISSN

1947-3036

Volume

Issue

Page(s)

48 - 98

DOI

https://doi.org/10.4018/ijsse.2014100103

View this publication at Norwegian Research Information Repository

Contact us

Our services

Career

Sustainability

Management and board

Institutes

Other units

About us

Follow us