Plan It! Automated Security Testing Based on Planning

Wotawa, Franz; Božić, Josip

doi:10.1007/978-3-662-44857-1_4

Cited by 6 publications

(1 citation statement)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The work of Feudjio was supported by the DIAMONDS project. Other results achieved within this project include a work by Wotawa and Bozic [50] where they propose a planning-based approach to security testing. The authors represent security testing as a planning problem with the goal of breaking the application under test.…”

Section: Related Workmentioning

confidence: 99%

Security Requirements as Code: Example from VeriDevOps Project

Ismaeel

Naumchev

Sadovykh

et al. 2021

2021 IEEE 29th International Requirements Engineering Conference Workshops (REW)

View full text Add to dashboard Cite

This position paper presents and illustrates the concept of security requirements as code -a novel approach to security requirements specification. The aspiration to minimize code duplication and maximize its reuse has always been driving the evolution of software development approaches. Objectoriented programming (OOP) takes these approaches to the state in which the resulting code conceptually maps to the problem that the code is supposed to solve. People nowadays start learning to program in the primary school. On the other hand, requirements engineers still heavily rely on natural language based techniques to specify requirements. The key idea of this paper is: artifacts produced by the requirements process should be treated as input to the regular object-oriented analysis. Therefore, the contribution of this paper is the presentation of the major concepts for the security requirements as the code method that is illustrated with a real industry example from the VeriDevOps project.

show abstract

Section: Related Workmentioning

confidence: 99%