A requirement engineering driven approach to security architecture design for distributed embedded systems

Abstract: During the last ten years, the impact of security concerns on the development and exploration of distributed embedded systems has never ceased to grow. This is mainly related to the fact that these systems are increasingly interconnected and thus vulnerable to attacks, and that the economic interest in attacking them has simultaneously increased. In such a context, requirement engineering methodologies and tools have become necessary to take appropriate decisions regarding security early on. Security requirements engineering should thus strongly support the elicitation and specification of software security issues and solutions well before designers and developers are committed to a particular implementation. However, and this is especially true in embedded systems, security requirements should not be considered only as the abstract expression of a set of properties independently from the system architecture or from the threats and attacks that may occur. We believe this consideration is of utmost importance for security requirements engineering to be the driving force behind the design and implementation of a secure system. We thus describe in this thesis a security requirement engineering methodology that depends upon a constant dialog between the design of system functions, the requirements that are attached to them, the design and development of the system architecture, and the assessment of the threats to system assets. Our approach relies in particular on a knowledge-centric approach to security requirement engineering, applicable from the early phases of system conceptualization to the enforcement of security requirements.

Cited literature: 145 references

https://pastel.archives-ouvertes.fr/tel-01251856
Contributor : Abes Star
Submitted on : Wednesday, January 6, 2016 - 6:42:06 PM
Last modification on : Friday, May 17, 2019 - 12:41:16 PM
Long-term archiving on : Thursday, April 7, 2016 - 4:15:45 PM

File

TheseIdreesV2.pdf
Version validated by the jury (STAR)

Identifiers

  • HAL Id : tel-01251856, version 1

Citation

Muhammad Sabir Idrees. A requirement engineering driven approach to security architecture design for distributed embedded systems. Embedded Systems. Télécom ParisTech, 2012. English. ⟨NNT : 2012ENST0045⟩. ⟨tel-01251856⟩
