Modelling Tool Extension for Vulnerability Management
Abstract
Managing vulnerabilities with respect to the design of systems is essential to securing systems and establishing their trustworthiness. Until now, there has been no modelling tool to support vulnerability management within the context of system design. We present a new, open-source extension of a systems security design and assessment tool. First and foremost, this extension integrates a pertinent vulnerability management domain ontology into the tool's underlying metamodel. Based on the extended metamodel, the enriched tool supports importing information from vulnerability-related knowledge bases as well as capturing new vulnerability information and security rules. This information can then be used in an integrative and scalable form to analyse and reason about the security of systems designs. The extended tool now includes an automated reasoning mechanism for establishing the vulnerability posture of systems designs.
Keywords
Threat modelling
Vulnerability management
Security by design
CCS CONCEPTS
Modeling and simulation
Model development and analysis
Modeling methodologies Security and privacy
Systems security
Vulnerability management Security and privacy
Software and application security
Software security engineering
Model driven engineering
Computing methodologies
Domains
Computer Science [cs]Origin | Files produced by the author(s) |
---|