GUPEA >
IT Faculty / IT-fakulteten >
Department of Computer Science and Engineering / Institutionen för data- och informationsteknik >
Doctoral Theses / Doktorsavhandlingar Institutionen för data- och informationsteknik >

Efficiency and Automation in Threat Analysis of Software Systems


Please use this identifier to cite or link to this item: http://hdl.handle.net/2077/66967

Files in This Item:

File Description SizeFormat
gupea_2077_66967_4.pdfCover653KbAdobe PDF
View/Open
gupea_2077_66967_8.pdfAbstract86KbAdobe PDF
View/Open
gupea_2077_66967_9.pdfThesis frame1599KbAdobe PDF
View/Open
Title: Efficiency and Automation in Threat Analysis of Software Systems
Authors: Katja, Tuma
E-mail: katja.tuma@cse.gu.se
Issue Date: 4-Dec-2020
University: Göteborgs universitet. IT-fakulteten
Institution: Department of Computer Science and Engineering ; Institutionen för data- och informationsteknik
Parts of work: Tuma, K., Çalikli, G., & Scandariato, R. (2018). Threat analysis of software systems: A systematic literature review. Journal of Systems and Software, 144, 275-294.
VIEW ARTICLE


Tuma, K., & Scandariato, R. (2018). Two architectural threat analysis techniques compared. In Proceedings of the European Conference on Software Architecture (pp. 347-363).
VIEW ARTICLE


Tuma, K., Scandariato, R., Widman, M., & Sandberg, C. (2017). Towards security threats that matter. In Proceedings of the Computer Security: International Workshop on the Security of Industrial Control Systems & of Cyber-Physical Systems (CyberICPS) (pp. 47-62).
VIEW ARTICLE


K. Tuma, C. Sandberg, U. Thorsson, M. Widman, T. Herpel, and R. Scandariato (2020). Finding Security Threats That Matter: Two Industrial Case Studies. In submission to JSS

Tuma, K., Scandariato, R., & Balliu, M. (2019). Flaws in flows: Unveiling design flaws via information flow analysis. In Proceedings of the International Conference on Software Architecture (ICSA) (pp. 191-200).
VIEW ARTICLE


Tuma, K., Hosseini, D., Malamas, K., & Scandariato, R. (2019). Inspection guidelines to identify security design flaws. In Proceedings of the European Conference on Software Architecture-Volume 2 (pp. 116-122).
VIEW ARTICLE


Tuma, K., Sion, L., Scandariato, R., & Yskout, K. (2020). Automating the early detection of security design flaws. In Proceedings of the International Conference on Model Driven Engineering Languages and Systems (MODELS) (pp. 332-342).
VIEW ARTICLE


Peldszus, S., Tuma, K., Strüber, D., Jürjens, J., & Scandariato, R. (2019). Secure Data-Flow Compliance Checks between Models and Code based on Automated Mappings. In Proceedings of the International Conference on Model Driven Engineering Languages and Systems (MODELS) (pp. 23-33).
VIEW ARTICLE


K.Tuma, S. Peldszus, R. Scandariato, D. Strüber, and J. Jürjens (2020). Checking Security Compliance between Models and Code. In submission to SoSyM.
Date of Defence: 2021-01-11
Disputation: Måndagen den 11 januari 2021, kl. 14.15, Rum Jupiter 473, Göteborgs Universitet, Campus Lindholmen, Hörselgången 5
Degree: Doctor of Philosophy
Publication type: Doctoral thesis
Series/Report no.: http://hdl.handle.net/2077/66967
191D
Keywords: Secure Software Design, Threat Analysis (Modeling), Automation, Security Compliance
Abstract: Context: Security is a growing concern in many organizations. Industries developing software systems plan for security early-on to minimize expensive code refactorings after deployment. In the design phase, teams of experts routinely analyze the system architecture and design to find potential security threats and flaws. After the system is implemented, the source code is often inspected to determine its compliance with the intended functionalities. Objective: The goal of this thesis is to im... more
ISBN: 978-91-8009-155-8(PDF)
978-91-8009-154-1(PRINT)
ISSN: 1652-876X
URI: http://hdl.handle.net/2077/66967
Appears in Collections:Doctoral Theses from University of Gothenburg / Doktorsavhandlingar från Göteborgs universitet
Doctoral Theses / Doktorsavhandlingar Institutionen för data- och informationsteknik

 

 

© Göteborgs universitet 2011