Measuring Attack Surface in Software Architecture
Jeffrey Gennari and
David Garlan.
Technical report, CMU-ISR-11-121, Institute for Software Research, School of Computer Science, Carnegie Mellon University, 2011.
Online links:    Plain Text
Abstract
| In this report we show how to adapt the notion of “attack surface” to formally evaluate security properties
at the architectural level of design and to identify vulnerabilities in architectural designs. Further we explore
the application of this metric in the context of architecture-based transformations to improve security
by reducing the attack surface. These transformations are described in detail and validated with a simple
experiment. |
Keywords: Acme, AcmeStudio, Architectural Analysis, Science of Security.
|
|
