Options
Security assurance cases - state of the art of an emerging approach
Citation Link: https://doi.org/10.15480/882.3663
Publikationstyp
Journal Article
Publikationsdatum
2021-05-18
Sprache
English
Institut
TORE-URI
Enthalten in
Volume
26
Issue
4
Article Number
70
Citation
Empirical Software Engineering 26 (4): 70 (2021-07-01)
Publisher DOI
Scopus ID
Publisher
Springer Science + Business Media B.V
Security Assurance Cases (SAC) are a form of structured argumentation used to reason about the security properties of a system. After the successful adoption of assurance cases for safety, SAC are getting significant traction in recent years, especially in safety-critical industries (e.g., automotive), where there is an increasing pressure to be compliant with several security standards and regulations. Accordingly, research in the field of SAC has flourished in the past decade, with different approaches being investigated. In an effort to systematize this active field of research, we conducted a systematic literature review (SLR) of the existing academic studies on SAC. Our review resulted in an in-depth analysis and comparison of 51 papers. Our results indicate that, while there are numerous papers discussing the importance of SAC and their usage scenarios, the literature is still immature with respect to concrete support for practitioners on how to build and maintain a SAC. More importantly, even though some methodologies are available, their validation and tool support is still lacking.
Schlagworte
Assurance cases
Security
Systematic literature review
DDC Class
004: Informatik
More Funding Information
This work is partially supported by the CASUS research project funded by VINNOVA, a Swedish funding agency. Open access funding provided by University of Gothenburg.