Title :
Automated Tracing and Integration of Security Functionality via Requirements Taxonomies, Annotations and Aspects
Author :
Llansó, Thomas ; Barrett, George
Author_Institution :
Johns Hopkins Univ., Laurel
Abstract :
The investigation we describe here was motivated by our concerns relating to the time and expense of conducting such security evaluations for software intensive systems. Based on interviews we conducted with Common Criteria Laboratories (2006), we found that product evaluation times typically run in excess of 12 months and have starting costs that can easily exceed US$100,000. These figures are for initial evaluations. As software products change and evolve over time, new versions of such products are subject to re-evaluation, bringing additional time and expense.
Keywords :
formal specification; safety-critical software; automated tracing; requirements taxonomies; security functionality integration; software intensive systems; Computer industry; Conferences; Costs; Information security; Laboratories; Physics; System testing; Taxonomy; US Department of Defense; USA Councils;
Conference_Titel :
Information Assurance and Security Workshop, 2007. IAW '07. IEEE SMC
Conference_Location :
West Point, NY
Print_ISBN :
1-4244-1304-4
Electronic_ISBN :
1-4244-1304-4
DOI :
10.1109/IAW.2007.381955
