Applying a Security Conceptual Model for Coverage Analysis

https://doi.org/10.3182/20130619-3-RU-3018.00093Get rights and content

Abstract

In areas important to security or safety, the development of computer-based systems follows more complex processes for developing the system and achieving the needed safety or security assurance. As security and safety aspects are merging in new systems that are critical, but more openly interconnected, there is a need to relate the three different processes: development, safety and security. This paper proposes a conceptual model for security, which consist of artefacts belonging to development and security assessment processes. The security conceptual model can be used as a stand alone model to understand and address how security aspects should be integrated during the development of computer-based systems, or can be combined with safety models to address both safety and security aspects in a more harmonised manner. The model is applied on a newly developed method for unifying the safety and security assessments. The security conceptual model is however only based on a particular standard, and further work is needed to evaluate the model.

Keywords

system security
requirements analysis
systems engineering
process models
object modelling techniques
safety

Cited by (0)

View Abstract