Art der Publikation: Beitrag in Sammelwerk

A Common Body of Knowledge for Engineering Secure Software and Services

Autor(en):

Schwittek, Widura; Schmidt, Holger; Beckers, Kristian; Eicker, Stefan; Faßbender, Stephan; Heisel, Maritta

Titel des Sammelbands:

Proceedings of the 7th International Conference on Availability, Reliability and Security

Seiten:

499-506

Verlag:

IEEE

Veröffentlichung:

2012

Digital Object Identifier (DOI):

doi:10.1109/ARES.2012.31

Link zum Volltext:

https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6329223

Zitation:

Download BibTeX

Kurzfassung

The discipline of engineering secure software and services brings together researchers and practitioners from software, services, and security engineering. This interdisciplinary community is fairly new, it is still not well integrated and is therefore confronted with differing perspectives, processes, methods, tools, vocabularies, and standards. We present a Common Body of Knowledge (CBK) to overcome the aforementioned problems. We capture use cases from research and practice to derive requirements for the CBK. Our CBK collects, integrates, and structures knowledge from the different disciplines based on an ontology that allows one to semantically enrich content to be able to query the CBK. The CBK heavily relies on user participation, making use of the Semantic MediaWiki as a platform to support collaborative writing. The ontology is complemented by a conceptual framework, consisting of concepts to structure the knowledge and to provide access to it, and a means to build a common terminology. We also present organizational factors covering dissemination and quality assurance.