Assessing the Usefulness of Testing for Validating and Correcting Security Risk Models Based on Two Industrial Case Studies

Erdogan, Gencer; Seehusen, Fredrik; Stølen, Ketil; Hofstad, Jon; Aagedal, Jan Øyvind

doi:10.4018/ijsse.2015040105

Cited by 3 publications

(3 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…6, no. 2, 2015) [43]. This thesis presents the camera-ready version of the paper because the published version was not available at the time of writing.…”

Section: Paper 5: Assessing the Usefulness Of Testing For Validating And Correcting Security Risk Models Based On Two Industrial Case Stumentioning

confidence: 99%

Approaches for the combined use of risk analysis and testing: a systematic literature review

Erdogan

Runde

et al. 2014

Int J Softw Tools Technol Transfer

Self Cite

View full text Add to dashboard Cite

The continuous increase of sophisticated cyber security risks exposed to the public, industry, and government through the web, mobile devices, social media, as well as targeted attacks via state-sponsored cyberespionage, clearly show the need for software security. Security testing is one of the most important practices to assure an acceptable level of security. However, security testers face the problem of determining the tests that are most likely to reveal severe security vulnerabilities. This is important in order to focus security testing on the most risky aspects of a system.In response to this challenge, the security testing community has proposed an approach to support security testing with security risk assessment (risk-driven security testing). In general, the purpose of risk-driven security testing is to focus the testing on the most severe security risks that the system under test is exposed to. However, current approaches carry out risk assessment at a high-level of abstraction (for example, business level) and then perform the testing accordingly. This is a disadvantage from a testing perspective because it leaves a gap between the risks and the test cases which are defined at a low-level of abstraction (for example, implementation level). This gap makes it difficult to identify exactly where in the system risks occur, and exactly how the risks should be tested. This also indicates that current approaches focus on risk-driven test planning at a high-level of abstraction for test management purposes, and do not necessarily focus on guiding the tester in designing test cases that have the ability to reveal vulnerabilities causing the most severe risks.This thesis proposes a model-based approach to risk-driven security testing, named CORAL, which is specifically developed to help security testers select and design test cases based on the available risk picture. The CORAL approach consists of seven steps supported by a risk analysis language. The risk analysis language is a modeling language based on UML interactions, and is formalized by an abstract syntax and a schematically defined natural-language semantics.As part of the development and evaluation process of the CORAL approach we carried out three industrial case studies. In the first two case studies, we investigated how risk assessment may be used to identify security test cases, as well as how security testing may be used to improve security risk analysis results. The experiences we obtained from these two industrial case studies helped us to, among other things, shape the CORAL approach. In the third case study we carried out the CORAL approach in an industrial setting in order to evaluate its applicability. The results indicate that CORAL supports security testers in producing risk models that are valid and directly testable. By directly testable risk models we mean risk models that can be reused and specified as test cases based on the interactions in the risk models. This, in turn, helps testers to select and design test cases according to t...

show abstract

“…6, no. 2, 2015) [43]. This thesis presents the camera-ready version of the paper because the published version was not available at the time of writing.…”

Section: Paper 5: Assessing the Usefulness Of Testing For Validating And Correcting Security Risk Models Based On Two Industrial Case Stumentioning

confidence: 99%

Approaches for the combined use of risk analysis and testing: a systematic literature review

Erdogan

Runde

et al. 2014

Int J Softw Tools Technol Transfer

Self Cite

View full text Add to dashboard Cite

show abstract

“…With RBST and TBRA there are at least two different ways how risk assessment and security testing can interact, but of course it should be possible to combine both, too. [11] uses a combination of both approaches, but it does not propose any technique or detailed guideline for how to update the risk model based on the test results.…”

Section: State Of the Artmentioning

confidence: 99%

Combining Risk Analysis and Security Testing

Großmann

Schneider

Viehmann

et al. 2014

Leveraging Applications of Formal Methods, Verification and Validation. Specialized Techniques and Applications

View full text Add to dashboard Cite

A systematic integration of risk analysis and security testing allows for optimizing the test process as well as the risk assessment itself. The result of the risk assessment, i.e. the identified vulnerabilities, threat scenarios and unwanted incidents, can be used to guide the test identification and may complement requirements engineering results with systematic information concerning the threats and vulnerabilities of a system and their probabilities and consequences. This information can be used to weight threat scenarios and thus help identifying the ones that need to be treated and tested more carefully. On the other side, risk-based testing approaches can help to optimize the risk assessment itself by gaining empirical knowledge on the existence of vulnerabilities, the applicability and consequences of threat scenarios and the quality of countermeasures. This paper outlines a tool-based approach for risk-based security testing that combines the notion of risk-assessment with a pattern-based approach for automatic test generation relying on test directives and strategies and shows how results from the testing are systematically fed back into the risk assessment.

show abstract

“…There have been several publications about this approach, e.g. [12] [13], but there is no general applicable methodology and not much tool support.…”

Section: Security Testing In Combination With Risk Assessmentmentioning

confidence: 99%

Towards Integration of Compositional Risk Analysis Using Monte Carlo Simulation and Security Testing

Viehmann

2014

Risk Assessment and Risk-Driven Testing

View full text Add to dashboard Cite

show abstract

Assessing the Usefulness of Testing for Validating and Correcting Security Risk Models Based on Two Industrial Case Studies

Cited by 3 publications

References 11 publications

Approaches for the combined use of risk analysis and testing: a systematic literature review

Approaches for the combined use of risk analysis and testing: a systematic literature review

Combining Risk Analysis and Security Testing

Towards Integration of Compositional Risk Analysis Using Monte Carlo Simulation and Security Testing

Contact Info

Product

Resources

About