扫兴
发表于 2025-3-28 16:20:05
http://reply.papertrans.cn/87/8634/863381/863381_41.png
大气层
发表于 2025-3-28 22:24:04
Program Model for Object-oriented Languagesof a software system analyzable, we have to extract a suitable program representation from the source code of the software system. Common representations, such as UML models or abstract syntax trees (AST), are either too abstract for meaningful design-level quality and security analyses of the imple
Carcinoma
发表于 2025-3-29 01:55:11
http://reply.papertrans.cn/87/8634/863381/863381_43.png
迷住
发表于 2025-3-29 04:54:43
Application to Legacy Projects using Reverse-Engineeringve initially developed using GRaViTY. In practice, software systems are often developed not using models as essential development artifacts at all. Nevertheless, informal modeling approaches are widely spread in the industry. If models are created at design time, these are often not maintained in th
使服水土
发表于 2025-3-29 10:47:55
Static Security Compliance Checksnder development. Traditionally, security compliance is checked in manual security audits, e.g., as specified in the IEEE 1028-2009 standard for software reviews and audits. As the effort for such audits is very high, audits are only performed from time to time. For this reason, approaches like SecD
Colonnade
发表于 2025-3-29 14:34:52
Verification and Enforcement of Security at Run-time. Unfortunately, few approaches cover coupling these phases so far. Following our approach, during software development, different representations of a software system are created, e.g., to plan the security of a software system before implementing it. All of these single representations have to be
laxative
发表于 2025-3-29 18:52:19
http://reply.papertrans.cn/87/8634/863381/863381_47.png
strain
发表于 2025-3-29 22:15:14
Specification of Variability throughout Variant-rich Software Systemstude of security threats. To allow dealing with these threats but also to allow traceability of security requirements on different system representations, we need an appropriate notation for security assumptions as well as for variability points. These requirements have to allow automated security a
一起平行
发表于 2025-3-30 01:19:48
Security in UML Product Linesrmeate the entire software system, the system design needs to treat them as first-class citizens. To this end, model-based techniques, such as UMLsec, can be used to specify and analyze the consistency of security requirements in early phases, such as in architecture models at design time. However,
spondylosis
发表于 2025-3-30 06:22:22
Security Compliance and Restructuring in Variant-rich Software Systemsly, to severe challenges. Notably, this applies to software engineering tasks such as refactorings, refinements, and evolution steps, which, to support systematic management, are often expressed as model transformations, e.g., security-preserving refactorings or security violation patterns. The open