Threat Analysis in Practice - Systematically Deriving Security Requirements
M. Fockel, S. Merschjohann, M. Fazal-Baqaie, in: 19th International Conference on Product-Focused Software Process Improvement (PROFES 2018), Springer Nature Switzerland AG, 2018.
Download
No fulltext has been uploaded.
Conference Paper
| English
Author
Department
Abstract
With the growing number of incidents, the topic security gains more and more attention across all domains. Organizations realize their lack of state-of-the-art security practices, however, they struggle to improve their software lifecycle in terms of security. In this talk, we introduce the concept of security by design that implements security practices within the whole software lifecycle. Based on our practical experience from industry projects in the regulated industrial automation and unregulated classical IT domain, we explain how to perform a threat analysis and how to integrate it into the software lifecycle.
Publishing Year
Proceedings Title
19th International Conference on Product-Focused Software Process Improvement (PROFES 2018)
forms.conference.field.series_title_volume.label
LNCS 11271
LibreCat-ID
Cite this
Fockel M, Merschjohann S, Fazal-Baqaie M. Threat Analysis in Practice - Systematically Deriving Security Requirements. In: 19th International Conference on Product-Focused Software Process Improvement (PROFES 2018). LNCS 11271. Springer Nature Switzerland AG; 2018. doi:10.1007/978-3-030-03673-7_25
Fockel, M., Merschjohann, S., & Fazal-Baqaie, M. (2018). Threat Analysis in Practice - Systematically Deriving Security Requirements. In 19th International Conference on Product-Focused Software Process Improvement (PROFES 2018). Springer Nature Switzerland AG. https://doi.org/10.1007/978-3-030-03673-7_25
@inproceedings{Fockel_Merschjohann_Fazal-Baqaie_2018, series={LNCS 11271}, title={Threat Analysis in Practice - Systematically Deriving Security Requirements}, DOI={10.1007/978-3-030-03673-7_25}, booktitle={19th International Conference on Product-Focused Software Process Improvement (PROFES 2018)}, publisher={Springer Nature Switzerland AG}, author={Fockel, Markus and Merschjohann, Sven and Fazal-Baqaie, Masud}, year={2018}, collection={LNCS 11271} }
Fockel, Markus, Sven Merschjohann, and Masud Fazal-Baqaie. “Threat Analysis in Practice - Systematically Deriving Security Requirements.” In 19th International Conference on Product-Focused Software Process Improvement (PROFES 2018). LNCS 11271. Springer Nature Switzerland AG, 2018. https://doi.org/10.1007/978-3-030-03673-7_25.
M. Fockel, S. Merschjohann, and M. Fazal-Baqaie, “Threat Analysis in Practice - Systematically Deriving Security Requirements,” in 19th International Conference on Product-Focused Software Process Improvement (PROFES 2018), 2018.
Fockel, Markus, et al. “Threat Analysis in Practice - Systematically Deriving Security Requirements.” 19th International Conference on Product-Focused Software Process Improvement (PROFES 2018), Springer Nature Switzerland AG, 2018, doi:10.1007/978-3-030-03673-7_25.