Options
A descriptive study of Microsoft’s threat modeling technique
Publikationstyp
Journal Article
Publikationsdatum
2013-12-03
Sprache
English
Enthalten in
Volume
20
Issue
2
Start Page
163
End Page
180
Citation
Requirements Engineering 20 (2): 163-180 (2015-03-04)
Publisher DOI
Scopus ID
Publisher
Springer
Microsoft’s STRIDE is a popular threat modeling technique commonly used to discover the security weaknesses of a software system. In turn, discovered weaknesses are a major driver for incepting security requirements. Despite its successful adoption, to date no empirical study has been carried out to quantify the cost and effectiveness of STRIDE. The contribution of this paper is the evaluation of STRIDE via a descriptive study that involved 57 students in their last master year in computer science. The study addresses three research questions. First, it assesses how many valid threats per hour are produced on average. Second, it evaluates the correctness of the analysis results by looking at the average number of false positives, i.e., the incorrect threats. Finally, it determines the completeness of the analysis results by looking at the average number of false negatives, i.e., the overlooked threats.
Schlagworte
Anti-requirements
Empirical study
Secure software
STRIDE
Threat modeling
DDC Class
004: Informatik