Sarch-Checks: A Method for Checking Software Architecture Security Properties Using a Knowledge Graph - LIRMM - Laboratoire d’Informatique, de Robotique et de Microélectronique de Montpellier
Conference Papers. Year: 2024

Sarch-Checks: A Method for Checking Software Architecture Security Properties Using a Knowledge Graph

Abstract

Checking the security properties of a software system during design is essential to enable the construction of a foundationally secure system. However, combining design tasks with security checks leads to a difficult and error-prone activity. This paper presents a checking method for security properties, called Sarch-Checks. This method allows analyzing the context of architectural elements in terms of an expected security property and identifying the presence of countermeasures and vulnerabilities. It uses an architectural description of the system to be analyzed, expressed in a modeling language. It also uses a knowledge graph, modeled and built from the elements of the software architecture and from cybersecurity elements taken from official information sources such as NIST and MITRE. This solution is an aid that helps the architect design more secure architectures. Additionally, a validation process of the proposed method is presented through a case study based on a real report of a vulnerability in an open-source software system.

Dates and versions

lirmm-04837203, version 1 (13-12-2024)

Cite

Jeisson Andrés Vergara Vargas, Salah Sadou, Chouki Tibermacine, Felipe Restrepo-Calle. Sarch-Checks: A Method for Checking Software Architecture Security Properties Using a Knowledge Graph. ICSA-C 2024 - IEEE 21st International Conference on Software Architecture Companion, Jun 2024, Hyderabad, India. pp.135-142, ⟨10.1109/icsa-c63560.2024.00030⟩. ⟨lirmm-04837203⟩