To main content

Evolution of Security Engineering Artifacts: A State of the Art Survey

Abstract

Security is an important quality aspect of modern open software systems. However, it is challenging to keep such systems secure because of evolution. Security evolution can only be managed adequately if it is considered for all artifacts throughout the software development lifecycle. This article provides state of the art on the evolution of security engineering artifacts. The article covers the state of the art on evolution of security requirements, security architectures, secure code, security tests, security models, and security risks as well as security monitoring. For each of these artifacts the authors give an overview of evolution and security aspects and discuss the state of the art on its security evolution in detail. Based on this comprehensive survey, they summarize key issues and discuss directions of future research.

Category

Academic article

Language

English

Author(s)

  • Michael Felderer
  • Basel Katt
  • Philipp Kalb
  • Jan Jürjens
  • Martín Ochoa
  • Federica Paci
  • Le Minh Sang Tran
  • Thein Than Tun
  • Koen Yskout
  • Riccardo Scandariato
  • Frank Piessens
  • Dries Vanoverberghe
  • Elizabeta Fourneret
  • Matthias Gander
  • Bjørnar Solhaug
  • Ruth Breu

Affiliation

  • University of Innsbruck
  • TU Dortmund
  • Technical University of Munich
  • University of Trento
  • The Open University
  • UC Leuven-Limburg
  • University of Luxembourg
  • SINTEF Digital / Sustainable Communication Technologies

Year

2014

Published in

International Journal of Secure Software Engineering (IJSSE)

ISSN

1947-3036

Publisher

IGI Global

Volume

5

Issue

4

Page(s)

48 - 98

View this publication at Cristin