Type of Publication: Article in Collected Edition

A Common Body of Knowledge for Engineering Secure Software and Services

Author(s):

Schwittek, Widura; Schmidt, Holger; Beckers, Kristian; Eicker, Stefan; Faßbender, Stephan; Heisel, Maritta

Title of Anthology:

Proceedings of the 7th International Conference on Availability, Reliability and Security

pages:

499-506

Publisher:

IEEE

Publication Date:

2012

Digital Object Identifier (DOI):

doi:10.1109/ARES.2012.31

Link to complete version:

https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6329223

Citation:

Download BibTeX

Abstract

The discipline of engineering secure software and services brings together researchers and practitioners from software, services, and security engineering. This interdisciplinary community is fairly new, it is still not well integrated and is therefore confronted with differing perspectives, processes, methods, tools, vocabularies, and standards. We present a Common Body of Knowledge (CBK) to overcome the aforementioned problems. We capture use cases from research and practice to derive requirements for the CBK. Our CBK collects, integrates, and structures knowledge from the different disciplines based on an ontology that allows one to semantically enrich content to be able to query the CBK. The CBK heavily relies on user participation, making use of the Semantic MediaWiki as a platform to support collaborative writing. The ontology is complemented by a conceptual framework, consisting of concepts to structure the knowledge and to provide access to it, and a means to build a common terminology. We also present organizational factors covering dissemination and quality assurance.