Viehmann et al., 2015 - Google Patents
Risk assessment and security testing of large scale networked systems with RACOMATViehmann et al., 2015
View PDF- Document ID
- 8587287174590911174
- Author
- Viehmann J
- Werner F
- Publication year
- Publication venue
- Risk Assessment and Risk-Driven Testing: Third International Workshop, RISK 2015, Berlin, Germany, June 15, 2015. Revised Selected Papers 3
External Links
Snippet
Risk management is an important part of the software quality management because security issues can result in big economical losses and even worse legal consequences. While risk assessment as the base for any risk treatment is widely regarded to be important, doing a …
- 238000004088 simulation 0 abstract description 6
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management, e.g. organising, planning, scheduling or allocating time, human or machine resources; Enterprise planning; Organisational models
- G06Q10/063—Operations research or analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/70—Software maintenance or management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/10—Office automation, e.g. computer aided management of electronic mail or groupware; Time management, e.g. calendars, reminders, meetings or time accounting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/50—Computer-aided design
- G06F17/5009—Computer-aided design using simulation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| ben Othmane et al. | Extending the agile development process to develop acceptably secure software | |
| Armando et al. | The AVANTSSAR platform for the automated validation of trust and security of service-oriented architectures | |
| Raspotnig et al. | Comparing risk identification techniques for safety and security requirements | |
| Geismann et al. | A systematic literature review of model-driven security engineering for cyber–physical systems | |
| Ismail et al. | A unified framework for cloud security transparency and audit | |
| Baca et al. | Countermeasure graphs for software security risk assessment: An action research | |
| Meng et al. | Automating the assembly of security assurance case fragments | |
| Vasilevskaya et al. | Quantifying risks to data assets using formal metrics in embedded system design | |
| Yue et al. | Towards requirements engineering for digital twins of cyber-physical systems | |
| Putra et al. | Implementation of DevSecOps by Integrating Static and Dynamic Security Testing in CI/CD Pipelines | |
| Viehmann et al. | Risk assessment and security testing of large scale networked systems with RACOMAT | |
| Nami et al. | Software trustworthiness: past, present and future | |
| Hortlund | Security smells in open-source infrastructure as code scripts: A replication study | |
| Ferry et al. | Development and operation of trustworthy smart iot systems: The enact framework | |
| Misra et al. | Software design | |
| Zeini et al. | Preliminary Investigation into a Security Approach for Infrastructure as Code | |
| Larrucea et al. | Managing security debt across PLC phases in a VSE context | |
| Neharika et al. | Investigations into Secure IaC Practices | |
| Grossmann et al. | A trace management platform for risk-based security testing | |
| Erdogan et al. | A systematic method for risk-driven test case design using annotated sequence diagrams | |
| Cheh et al. | Design and User Study of a Constraint-based Framework for Business Logic Flaw Discovery | |
| Pham et al. | Automated software security activities in a continuous delivery pipeline | |
| Heilmann | Application Security Review Criteria for DevSecOps Processes | |
| Rhodes et al. | Assessing Vulnerabilities in Model-Centric Acquisition Programs: Phase 2 | |
| Cordeiro et al. | Watch: A validation framework and language for tool qualification |