Fraunhofer-Gesellschaft

Publica

Here you will find scientific publications from the Fraunhofer Institutes.

Tool-supported inspections. Using security models as reading support for defect detection

 
Jung, Christian; Elberzhager, Frank; Eschbach, Robert

Kaiserslautern, 2010, VII, 14 pp.
IESE-Report, 039.10/E
Report no.: 039.10/E
English
Report
Fraunhofer IESE
inspection; tool; security; defect detection; quality assurance; SHIELDS

Abstract
The quality assurance technique software inspection is often not sufficiently appreciated, especially for analyzing the quality attribute security of large and complex systems. Limited security expertise among software developers, reservations concerning the required inspection effort and missing acquaintance with the potential benefits of software inspections are some reasons why security inspections are still not in prevalent use. To provide better security guidance for inexperienced inspectors in a generic and reusable way and to reduce the barriers for applying software security inspections, we introduce four different inspection models that lead even unskilled inspectors through critical security aspects. An inspection tool supporting most of these models has been developed to enhance the efficiency of defect detection. In this article, we give an overview of the four security models and show an exemplary application with our inspection tool.

http://publica.fraunhofer.de/documents/N-145888.html