Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Threat analysis in practice - Systematically deriving security requirements

: Fockel, M.; Merschjohann, S.; Fazal-Baqaie, M.


Kuhrmann, Marco:
Product-Focused Software Process Improvement. 19th International Conference, PROFES 2018. Proceedings : Wolfsburg, Germany, November 28-30, 2018
Cham: Springer International Publishing, 2018 (Lecture Notes in Computer Science 11271)
ISBN: 978-3-030-03673-7
ISBN: 978-3-030-03672-0
ISBN: 978-3-030-03674-4
International Conference on Product-Focused Software Process Improvement (PROFES) <19, 2018, Wolfsburg>
Fraunhofer IEM ()

With the growing number of incidents, the topic security gains more and more attention across all domains. Organizations realize their lack of state-of-the-art security practices, however, they struggle to improve their software lifecycle in terms of security. In this talk, we introduce the concept of security by design that implements security practices within the whole software lifecycle. Based on our practical experience from industry projects in the regulated industrial automation and unregulated classical IT domain, we explain how to perform a threat analysis and how to integrate it into the software lifecycle.