Generative secure design, defined

Publikationstyp
Conference Paper
Date Issued
2018-05
Sprache
English
Author(s)
Scandariato, Riccardo  
Horkhoff, Jennifer  
Feldt, Robert  
TORE-URI
http://hdl.handle.net/11420/10261
Start Page
1
End Page
4
Citation
ACM/IEEE International Conference on Software Engineering: New Ideas and Emerging Results (ICSE-NIER 2018)
Contribution to Conference
40th ACM/IEEE International Conference on Software Engineering: New Ideas and Emerging Results, ICSE-NIER 2018  
Publisher DOI
10.1145/3183399.3183400
Scopus ID
2-s2.0-85049803372
In software-intensive industries, companies face the constant challenge of not having enough security experts on staff in order to validate the design of the high-complexity projects they run. Many of these companies are now realizing that increasing automation in their secure development process is the only way forward in order to cope with the ultra-large scale of modern systems. This paper embraces that viewpoint. We chart the roadmap to the development of a generative design tool that iteratively produces several design alternatives, each attempting to solve the security goals by incorporating security mechanisms. The tool explores the possible solutions by starting from well-known security techniques and by creating variations via mutations and crossovers. By incorporating user feedback, the tool generates increasingly better design alternatives.
Subjects
Design
Security
Tool