Inspecting Software Architecture Design Styles to Infer Threat Models and Inform Likely Attacks

Research output: Chapter in Book/Published conference outputConference publication

Abstract

Software architects reason about systems according to the set of relevant quality attributes to observe aligning it to their operational objectives. They inspect properties such as usability, performance, maintainability, scalability, and security, to mention a few, to select over different design styles to maximise systems’ capabilities altogether. The idea of this work is to describe ways of leveraging Threat Modelling (TM) approaches in early architectural designs by creating models from known and document available styles. Our proposal is to comment on those models and how they are related to the system overall architecture, offering means to model re-use functioning as the set of initial considerations that could be readily adapted for capturing more complex behaviours. We surveyed TM tools and approaches, and discussed relevant architectural styles and how they could generate threat models to inform most likely attacks. Finally, we discuss how to create basic models that security officers could use to enhance their cybersecurity analysis in software-intensive systems.
Original languageEnglish
Title of host publicationContributions Presented at The International Conference on Computing, Communication, Cybersecurity and AI, July 3–4, 2024, London, UK: The C3AI2024
EditorsNitin Naik, Paul Jenkins, Shaligram Prajapat, Paul Grace
Chapter4
Pages67-81
Number of pages15
Edition1
ISBN (Electronic)9783031744433
DOIs
Publication statusPublished - 20 Dec 2024

Publication series

NameLecture Notes in Networks and Systems (LNNS)
Volume884
Name
ISSN (Electronic)2367-3389

Keywords

  • Attack Modelling Techniques
  • Software Architecture Styles
  • Threat Modelling

Fingerprint

Dive into the research topics of 'Inspecting Software Architecture Design Styles to Infer Threat Models and Inform Likely Attacks'. Together they form a unique fingerprint.

Cite this