Modelling Tool Extension for Vulnerability Management - Smart Modeling for software Research and Technology
Preprints, Working Papers, ... Year : 2024

Modelling Tool Extension for Vulnerability Management

Abstract

Managing vulnerabilities with respect to the design of systems is essential to securing systems and establishing their trustworthiness. Until now, there has been no modelling tool to support vulnerability management within the context of system design. We present a new, open-source extension of a systems security design and assessment tool. First and foremost, this extension integrates a pertinent vulnerability management domain ontology into the tool's underlying metamodel. Based on the extended metamodel, the enriched tool supports importing information from vulnerability-related knowledge bases as well as capturing new vulnerability information and security rules. This information can then be used in an integrative and scalable form to analyse and reason about the security of systems designs. The extended tool now includes an automated reasoning mechanism for establishing the vulnerability posture of systems designs.
Fichier principal
Vignette du fichier
paper_16-2.pdf (697.33 Ko) Télécharger le fichier
Origin Files produced by the author(s)

Dates and versions

hal-04696251 , version 1 (12-09-2024)

Identifiers

  • HAL Id : hal-04696251 , version 1

Cite

Avi Shaked, Nan Zhang Messe, Tom Melham. Modelling Tool Extension for Vulnerability Management. 2024. ⟨hal-04696251⟩
67 View
25 Download

Share

More