Empirical assessment of security requirements and architecture: Lessons learned

R. Scandariato; F. Paci; L.M.S. Tran; K. Labunets; K. Yskout; F. Massacci; W. Joosen

doi:10.1007/978-3-319-07452-8_2

Empirical assessment of security requirements and architecture: Lessons learned

R. Scandariato
, F. Paci
, L.M.S. Tran
, K. Labunets
, K. Yskout
, F. Massacci
, W. Joosen

Research output: Book / Report › Book › Academic › peer-review

Abstract

Over the past three years, our groups at the University ofLeuven and the University of Trento have been conducting a number ofexperimental studies. In particular, two common themes can be easilyidentified within our work. First, we have investigated the value of sev-eral threat modeling and risk assessment techniques. The second themerelates to the problem of preserving security over time, i.e., securityevolution. Although the empirical results obtained in our studies areinteresting on their own, the main goal of this chapter is to share our ex-perience. The objective is to provide useful, hands-on insight on this typeof research work so that the work of other researchers in the communitywould be facilitated. The contribution of this chapter is the discussionof the challenges we faced during our experimental work. Contextually,we also outline those solutions that worked out in our studies and couldbe reused in the field by other studie

Original language	English
DOIs	https://doi.org/10.1007/978-3-319-07452-8_2
Publication status	Published - 2014

Access to Document

10.1007/978-3-319-07452-8_2

Persistent URL (handle)

Persistent link

Cite this

@book{bb21546edaef4eb29fdbc57cf21d31b3,

title = "Empirical assessment of security requirements and architecture: Lessons learned",

abstract = "Over the past three years, our groups at the University ofLeuven and the University of Trento have been conducting a number ofexperimental studies. In particular, two common themes can be easilyidentified within our work. First, we have investigated the value of sev-eral threat modeling and risk assessment techniques. The second themerelates to the problem of preserving security over time, i.e., securityevolution. Although the empirical results obtained in our studies areinteresting on their own, the main goal of this chapter is to share our ex-perience. The objective is to provide useful, hands-on insight on this typeof research work so that the work of other researchers in the communitywould be facilitated. The contribution of this chapter is the discussionof the challenges we faced during our experimental work. Contextually,we also outline those solutions that worked out in our studies and couldbe reused in the field by other studie",

author = "R. Scandariato and F. Paci and L.M.S. Tran and K. Labunets and K. Yskout and F. Massacci and W. Joosen",

year = "2014",

doi = "10.1007/978-3-319-07452-8\_2",

language = "English",

}

TY - BOOK

T1 - Empirical assessment of security requirements and architecture: Lessons learned

AU - Scandariato, R.

AU - Paci, F.

AU - Tran, L.M.S.

AU - Labunets, K.

AU - Yskout, K.

AU - Massacci, F.

AU - Joosen, W.

PY - 2014

Y1 - 2014

N2 - Over the past three years, our groups at the University ofLeuven and the University of Trento have been conducting a number ofexperimental studies. In particular, two common themes can be easilyidentified within our work. First, we have investigated the value of sev-eral threat modeling and risk assessment techniques. The second themerelates to the problem of preserving security over time, i.e., securityevolution. Although the empirical results obtained in our studies areinteresting on their own, the main goal of this chapter is to share our ex-perience. The objective is to provide useful, hands-on insight on this typeof research work so that the work of other researchers in the communitywould be facilitated. The contribution of this chapter is the discussionof the challenges we faced during our experimental work. Contextually,we also outline those solutions that worked out in our studies and couldbe reused in the field by other studie

AB - Over the past three years, our groups at the University ofLeuven and the University of Trento have been conducting a number ofexperimental studies. In particular, two common themes can be easilyidentified within our work. First, we have investigated the value of sev-eral threat modeling and risk assessment techniques. The second themerelates to the problem of preserving security over time, i.e., securityevolution. Although the empirical results obtained in our studies areinteresting on their own, the main goal of this chapter is to share our ex-perience. The objective is to provide useful, hands-on insight on this typeof research work so that the work of other researchers in the communitywould be facilitated. The contribution of this chapter is the discussionof the challenges we faced during our experimental work. Contextually,we also outline those solutions that worked out in our studies and couldbe reused in the field by other studie

UR - https://www.scopus.com/pages/publications/84924939676

UR - https://www.scopus.com/pages/publications/84924939676#tab=citedBy

U2 - 10.1007/978-3-319-07452-8_2

DO - 10.1007/978-3-319-07452-8_2

M3 - Book

BT - Empirical assessment of security requirements and architecture: Lessons learned

ER -

Empirical assessment of security requirements and architecture: Lessons learned

Abstract

Access to Document

Persistent URL (handle)

Other files and links

Fingerprint

Cite this