• DocumentCode
    3003623
  • Title

    Automated Tracing and Integration of Security Functionality via Requirements Taxonomies, Annotations and Aspects

  • Author

    Llansó, Thomas ; Barrett, George

  • Author_Institution
    Johns Hopkins Univ., Laurel
  • fYear
    2007
  • fDate
    20-22 June 2007
  • Firstpage
    357
  • Lastpage
    358
  • Abstract
    The investigation we describe here was motivated by our concerns relating to the time and expense of conducting such security evaluations for software intensive systems. Based on interviews we conducted with Common Criteria Laboratories (2006), we found that product evaluation times typically run in excess of 12 months and have starting costs that can easily exceed US$100,000. These figures are for initial evaluations. As software products change and evolve over time, new versions of such products are subject to re-evaluation, bringing additional time and expense.
  • Keywords
    formal specification; safety-critical software; automated tracing; requirements taxonomies; security functionality integration; software intensive systems; Computer industry; Conferences; Costs; Information security; Laboratories; Physics; System testing; Taxonomy; US Department of Defense; USA Councils;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Information Assurance and Security Workshop, 2007. IAW '07. IEEE SMC
  • Conference_Location
    West Point, NY
  • Print_ISBN
    1-4244-1304-4
  • Electronic_ISBN
    1-4244-1304-4
  • Type

    conf

  • DOI
    10.1109/IAW.2007.381955
  • Filename
    4267583
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3003623