Threat Analysis in Practice - Systematically Deriving Security Requirements

Fockel, Markus; Merschjohann, Sven; Fazal-Baqaie, Masud

Threat Analysis in Practice - Systematically Deriving Security Requirements

M. Fockel, S. Merschjohann, M. Fazal-Baqaie, in: 19th International Conference on Product-Focused Software Process Improvement (PROFES 2018), Springer Nature Switzerland AG, 2018.

Download

No fulltext has been uploaded.

DOI

10.1007/978-3-030-03673-7_25

Conference Paper | English

Author

Fockel, Markus^LibreCat ; Merschjohann, Sven^LibreCat; Fazal-Baqaie, Masud

Department

Fraunhofer-Institut für Entwurfstechnik Mechatronik IEM
Fraunhofer-Institut für Entwurfstechnik Mechatronik IEM -> Forschungsbereich Softwaretechnik und IT-Sicherheit

Abstract

With the growing number of incidents, the topic security gains more and more attention across all domains. Organizations realize their lack of state-of-the-art security practices, however, they struggle to improve their software lifecycle in terms of security. In this talk, we introduce the concept of security by design that implements security practices within the whole software lifecycle. Based on our practical experience from industry projects in the regulated industrial automation and unregulated classical IT domain, we explain how to perform a threat analysis and how to integrate it into the software lifecycle.

Publishing Year

2018

Proceedings Title

19th International Conference on Product-Focused Software Process Improvement (PROFES 2018)

forms.conference.field.series_title_volume.label

LNCS 11271

LibreCat-ID

20780

Cite this

Fockel M, Merschjohann S, Fazal-Baqaie M. Threat Analysis in Practice - Systematically Deriving Security Requirements. In: 19th International Conference on Product-Focused Software Process Improvement (PROFES 2018). LNCS 11271. Springer Nature Switzerland AG; 2018. doi:10.1007/978-3-030-03673-7_25

Fockel, M., Merschjohann, S., & Fazal-Baqaie, M. (2018). Threat Analysis in Practice - Systematically Deriving Security Requirements. In 19th International Conference on Product-Focused Software Process Improvement (PROFES 2018). Springer Nature Switzerland AG. https://doi.org/10.1007/978-3-030-03673-7_25

@inproceedings{Fockel_Merschjohann_Fazal-Baqaie_2018, series={LNCS 11271}, title={Threat Analysis in Practice - Systematically Deriving Security Requirements}, DOI={10.1007/978-3-030-03673-7_25}, booktitle={19th International Conference on Product-Focused Software Process Improvement (PROFES 2018)}, publisher={Springer Nature Switzerland AG}, author={Fockel, Markus and Merschjohann, Sven and Fazal-Baqaie, Masud}, year={2018}, collection={LNCS 11271} }

Fockel, Markus, Sven Merschjohann, and Masud Fazal-Baqaie. “Threat Analysis in Practice - Systematically Deriving Security Requirements.” In 19th International Conference on Product-Focused Software Process Improvement (PROFES 2018). LNCS 11271. Springer Nature Switzerland AG, 2018. https://doi.org/10.1007/978-3-030-03673-7_25.

M. Fockel, S. Merschjohann, and M. Fazal-Baqaie, “Threat Analysis in Practice - Systematically Deriving Security Requirements,” in 19th International Conference on Product-Focused Software Process Improvement (PROFES 2018), 2018.

Fockel, Markus, et al. “Threat Analysis in Practice - Systematically Deriving Security Requirements.” 19th International Conference on Product-Focused Software Process Improvement (PROFES 2018), Springer Nature Switzerland AG, 2018, doi:10.1007/978-3-030-03673-7_25.

Export

Marked Publications

Open Data LibreCat

Search this title in

Google Scholar