Methods and Tools for Secure Software
Summary
By creating a software security meta-process, we are developing the
tools that software developers need to continuously improve their
development processes, in order to prevent vulnerabilities from being
introduced into the software they develop. Our approach differs from
conventional approaches in that we do not prescribe a set of
practices. Instead, our approach helps each user determine which
practices they need.
Publications
- Shanai Ardi, Nahid Shahmehri. Integrating a security plug-in with
  the OpenUP/Basic development process. In the proceedings of the
  Third International Conference on Availability, Reliability and
  Security, ARES2008 (IEEE Computer Society ed.), Pages 284-291,
  Barcelona, Spain, March 2008.
- David Byers, Nahid Shahmehri. "A Cause-Based Approach to Preventing
  Software Vulnerabilities", Proceedings of the Third International
  Conference on Availability, Reliability and Security, ARES2008
  (IEEE Computer Society ed.), Pages 276-283, Barcelona, Spain, March
  2008. Best Paper Award.
- Shanai Ardi, David Byers, Nahid Shahmehri. "How can the developer
  benefit from security modeling?", Workshop on Secure Software
  Engineering (SecSE 2007), in conjunction with the ARES 2007
  conference, organized by Dexa Association in cooperation with ENISA
  (European Network and Information Security Agency), Pages 1017-1025,
  April 10-13, Vienna, 2007. IEEE CS.
- David Byers, Nahid Shahmehri. Design of a Process for Software
  Security. In the proceedings of the Second International Conference
  on Availability, Reliability and Security, ARES 2007. Vienna, 2007.
  IEEE CS.
- David Byers, Shanai Ardi, Nahid Shahmehri, and Claudiu Duma.
  Modeling Software Vulnerabilities With Vulnerability Cause Graphs.
  In the proceedings of the International Conference on Software
  Maintenance (ICSM 2006), September 24-27, 2006, Philadelphia,
  Pennsylvania.
- Shanai Ardi, David Byers, and Nahid Shahmehri.
  Towards a Structured Unified Process for Software Security.
  In the proceedings of the Software Engineering for Secure Systems
  Workshop (SESS), held in conjunction with the 28th International
  Conference on Software Engineering (ICSE 2006), May 20-28, 2006,
  Shanghai, China.