Traceability for the maintenance of secure software

Yu, Yijun; Jurjens, Jan and Mylopoulos, John (2008). Traceability for the maintenance of secure software. In: 2008 IEEE International Conference on Software Maintenance, p. 297.

DOI: https://doi.org/10.1109/ICSM.2008.4658078

Abstract

Traceability links among different software engineering artifacts make explicit how a software system was implemented to accommodate its requirements. For secure and dependable software system development, one must ensure the linked entities are truly traceable to each other and the links are updated to reflect true traceability among changed entities. However, traditional traceability relationships link recovery techniques are not accurate enough. To address this problem, we propose a traceability technique based on refactoring, which is then continuously integrated with other software maintenance activities. Applying our traceability technique to the proven SSL protocol design, we found a significant vulnerability bug in its open-source implementation. The results also demonstrate the level of accuracy and change resilience of our technique that enable reuse of the traceability-related analysis on different implementations.

Viewing alternatives

Metrics

Item Actions

Export

You can export this page using these formats Digital Object Identifier - DOI

About

• Item ORO ID
• 19406
• Item Type
• Conference or Workshop Item
• Academic Unit or School
• Faculty of Science, Technology, Engineering and Mathematics (STEM) > Computing and Communications
  Faculty of Science, Technology, Engineering and Mathematics (STEM)
• Research Group
• Centre for Research in Computing (CRC)
• Copyright Holders
• © 2008 IEEE
• Depositing User
• Yijun Yu