Tool-supported inspections. Using security models as reading support for defect detection
Software inspection, a quality assurance technique, is often not sufficiently appreciated, especially for analyzing the security of large and complex systems. Limited security expertise among software developers, reservations about the required inspection effort, and a lack of familiarity with the potential benefits of software inspections are some of the reasons why security inspections are still not in widespread use. To provide better security guidance for inexperienced inspectors in a generic and reusable way, and to reduce the barriers to applying software security inspections, we introduce four different inspection models that lead even unskilled inspectors through critical security aspects. An inspection tool supporting most of these models has been developed to enhance the efficiency of defect detection. In this article, we give an overview of the four security models and show an exemplary application with our inspection tool.