Maintaining Security in Software Evolution

Research output: Chapter in book/report/conference proceeding › Contribution to book/anthology › Research › peer review

Authors

  • Jan Jürjens
  • Kurt Schneider
  • Jens Bürger
  • Fabien Patrick Viertel
  • Daniel Strüber
  • Michael Goedicke
  • Ralf Reußner
  • Robert Heinrich
  • Emre Taspolatoglu
  • Konersmann Marco
  • Alexander Fay
  • Winfried Lamersdorf
  • Jan Ladiges
  • Christopher Haubeck

Research Organisations

External Research Organisations

  • Karlsruhe Institute of Technology (KIT)
  • University of Koblenz-Landau
  • University of Duisburg-Essen
  • FZI Research Center for Information Technology
  • Helmut Schmidt University
  • Universität Hamburg

Details

Original language: English
Title of host publication: Managed Software Evolution
Editors: Ralf Reussner, Michael Goedicke, Wilhelm Hasselbring, Birgit Vogel-Heuser, Jan Keim, Lukas Märtin
Publisher: Springer Open
Pages: 207-253
Edition: 1.
ISBN (electronic): 978-3-030-13499-0
ISBN (print): 978-3-030-13498-3, 978-3-030-13501-0
Publication status: Published - 27 Jun 2019

Abstract

In this chapter, we introduce a three-layered framework for maintaining security in software evolution at design time and run time. Additionally, we present a suite of five approaches that employ the framework. Two approaches focus on design-time use of knowledge extracted from natural-language documents to identify potential steps for co-evolving the system’s design and on integrating architecture model information with program code. A third approach bridges design time and run time to support architects as the software evolves. The two remaining approaches focus on run-time security maintenance. The fourth approach monitors run-time information in order to detect suspicious behaviour, which is reacted to automatically by adapting the system with mitigation, while the fifth approach focuses on interdisciplinary changes in automation software. In combination, the approaches address current challenges for security maintenance at design time and run time.

Cite this

Maintaining Security in Software Evolution. / Jürjens, Jan; Schneider, Kurt; Bürger, Jens et al.
Managed Software Evolution. ed. / Ralf Reussner; Michael Goedicke; Wilhelm Hasselbring; Birgit Vogel-Heuser; Jan Keim; Lukas Märtin. 1. ed. Springer Open, 2019. p. 207-253.

Jürjens, J, Schneider, K, Bürger, J, Viertel, FP, Strüber, D, Goedicke, M, Reußner, R, Heinrich, R, Taspolatoglu, E, Marco, K, Fay, A, Lamersdorf, W, Ladiges, J & Haubeck, C 2019, Maintaining Security in Software Evolution. in R Reussner, M Goedicke, W Hasselbring, B Vogel-Heuser, J Keim & L Märtin (eds), Managed Software Evolution. 1. edn, Springer Open, pp. 207-253. https://doi.org/10.1007/978-3-030-13499-0_9
Jürjens, J., Schneider, K., Bürger, J., Viertel, F. P., Strüber, D., Goedicke, M., Reußner, R., Heinrich, R., Taspolatoglu, E., Marco, K., Fay, A., Lamersdorf, W., Ladiges, J., & Haubeck, C. (2019). Maintaining Security in Software Evolution. In R. Reussner, M. Goedicke, W. Hasselbring, B. Vogel-Heuser, J. Keim, & L. Märtin (Eds.), Managed Software Evolution (1. ed., pp. 207-253). Springer Open. https://doi.org/10.1007/978-3-030-13499-0_9
Jürjens J, Schneider K, Bürger J, Viertel FP, Strüber D, Goedicke M et al. Maintaining Security in Software Evolution. In Reussner R, Goedicke M, Hasselbring W, Vogel-Heuser B, Keim J, Märtin L, editors, Managed Software Evolution. 1. ed. Springer Open. 2019. p. 207-253 doi: https://doi.org/10.1007/978-3-030-13499-0_9
Jürjens, Jan ; Schneider, Kurt ; Bürger, Jens et al. / Maintaining Security in Software Evolution. Managed Software Evolution. editor / Ralf Reussner ; Michael Goedicke ; Wilhelm Hasselbring ; Birgit Vogel-Heuser ; Jan Keim ; Lukas Märtin. 1. ed. Springer Open, 2019. pp. 207-253
@inbook{9fcbe1337e154944aab545b8debdba65,
title = "Maintaining Security in Software Evolution",
abstract = "In this chapter, we introduce a three-layered framework for maintaining security in software evolution at design time and run time. Additionally, we present a suite of five approaches that employ the framework. Two approaches focus on design-time use of knowledge extracted from natural-language documents to identify potential steps for co-evolving the system{\textquoteright}s design and on integrating architecture model information with program code. A third approach bridges design time and run time to support architects as the software evolves. The two remaining approaches focus on run-time security maintenance. The fourth approach monitors run-time information in order to detect suspicious behaviour, which is reacted to automatically by adapting the system with mitigation, while the fifth approach focuses on interdisciplinary changes in automation software. In combination, the approaches address current challenges for security maintenance at design time and run time.",
author = "Jan J{\"u}rjens and Kurt Schneider and Jens B{\"u}rger and Viertel, {Fabien Patrick} and Daniel Str{\"u}ber and Michael Goedicke and Ralf Reu{\ss}ner and Robert Heinrich and Emre Taspolatoglu and Konersmann Marco and Alexander Fay and Winfried Lamersdorf and Jan Ladiges and Christopher Haubeck",
year = "2019",
month = jun,
day = "27",
doi = "https://doi.org/10.1007/978-3-030-13499-0_9",
language = "English",
isbn = "978-3-030-13498-3",
pages = "207--253",
editor = "Ralf Reussner and Michael Goedicke and Wilhelm Hasselbring and Birgit Vogel-Heuser and Jan Keim and Lukas M{\"a}rtin",
booktitle = "Managed Software Evolution",
publisher = "Springer Open",
address = "United Kingdom (UK)",
edition = "1.",

}

TY - CHAP

T1 - Maintaining Security in Software Evolution

AU - Jürjens, Jan

AU - Schneider, Kurt

AU - Bürger, Jens

AU - Viertel, Fabien Patrick

AU - Strüber, Daniel

AU - Goedicke, Michael

AU - Reußner, Ralf

AU - Heinrich, Robert

AU - Taspolatoglu, Emre

AU - Marco, Konersmann

AU - Fay, Alexander

AU - Lamersdorf, Winfried

AU - Ladiges, Jan

AU - Haubeck, Christopher

PY - 2019/6/27

Y1 - 2019/6/27

N2 - In this chapter, we introduce a three-layered framework for maintaining security in software evolution at design time and run time. Additionally, we present a suite of five approaches that employ the framework. Two approaches focus on design-time use of knowledge extracted from natural-language documents to identify potential steps for co-evolving the system’s design and on integrating architecture model information with program code. A third approach bridges design time and run time to support architects as the software evolves. The two remaining approaches focus on run-time security maintenance. The fourth approach monitors run-time information in order to detect suspicious behaviour, which is reacted to automatically by adapting the system with mitigation, while the fifth approach focuses on interdisciplinary changes in automation software. In combination, the approaches address current challenges for security maintenance at design time and run time.

AB - In this chapter, we introduce a three-layered framework for maintaining security in software evolution at design time and run time. Additionally, we present a suite of five approaches that employ the framework. Two approaches focus on design-time use of knowledge extracted from natural-language documents to identify potential steps for co-evolving the system’s design and on integrating architecture model information with program code. A third approach bridges design time and run time to support architects as the software evolves. The two remaining approaches focus on run-time security maintenance. The fourth approach monitors run-time information in order to detect suspicious behaviour, which is reacted to automatically by adapting the system with mitigation, while the fifth approach focuses on interdisciplinary changes in automation software. In combination, the approaches address current challenges for security maintenance at design time and run time.

U2 - https://doi.org/10.1007/978-3-030-13499-0_9

DO - https://doi.org/10.1007/978-3-030-13499-0_9

M3 - Contribution to book/anthology

SN - 978-3-030-13498-3

SN - 978-3-030-13501-0

SP - 207

EP - 253

BT - Managed Software Evolution

A2 - Reussner, Ralf

A2 - Goedicke, Michael

A2 - Hasselbring, Wilhelm

A2 - Vogel-Heuser, Birgit

A2 - Keim, Jan

A2 - Märtin, Lukas

PB - Springer Open

ER -