To main content

Orchestrating Security and System Engineering for Evolving Systems

Abstract

How to design a security engineering process that can cope with the dynamic evolution of Future Internet scenarios and the rigidity of existing system engineering processes? The SecureChange approach is to orchestrate (as opposed to integrate) security and system engineering concerns by two types of relations between engineering processes: (i) vertical relations between successive security-related processes; and (ii) horizontal relations between mainstream system engineering processes and concurrent security-related processes. This approach can be extended to cover the complete system/ software lifecycle, from early security requirement elicitation to runtime configuration and monitoring, via high-level architecting, detailed design, development, integration and design-time testing. In this paper we illustrate the high-level scientific principles of the approach.

Category

Academic article

Language

English

Author(s)

  • Fabio Massacci
  • Fabrice Bouquet
  • Elizabeta Fourneret
  • Jan Jurjens
  • Mass Soldal Lund
  • Sébastien Madelénat
  • JanTobias Muehlberg
  • Federica Paci
  • Stéphane Paul
  • Frank Piessens
  • Bjørnar Solhaug
  • Sven Wenzel

Affiliation

  • University of Trento
  • France
  • TU Dortmund
  • SINTEF Digital / Sustainable Communication Technologies
  • UC Leuven-Limburg

Year

2011

Published in

Lecture Notes in Computer Science (LNCS)

ISSN

0302-9743

Publisher

Springer

Volume

6994

Page(s)

134 - 143

View this publication at Cristin