An Extensive Systematic Review on Model-Driven Development of Secure Systems
نویسندگان
چکیده
Context: Model-Driven Security (MDS) is as a specialised Model-Driven Engineering research area for supporting the development of secure systems. Over a decade of research on MDS has resulted in a large number of publications. Objective: To provide a detailed analysis of the state of the art in MDS, a systematic literature review (SLR) is essential. Method: We conducted an extensive SLR on MDS. Derived from our research questions, we designed a rigorous, extensive search and selection process to identify a set of primary MDS studies that is as complete as possible. Our three-pronged search process consists of automatic searching, manual searching, and snowballing. After discovering and considering more than thousand relevant papers, we identified, strictly selected, and reviewed 108 MDS publications. Results: The results of our SLR show the overall status of the key artefacts of MDS, and the identified primary MDS studies. E.g. regarding security modelling artefact, we found that developing domain-specific languages plays a key role in many MDS approaches. The current limitations in each MDS artefact are pointed out and corresponding potential research directions are suggested. Moreover, we categorise the identified primary MDS studies into 5 principal MDS studies, and other emerging or less common MDS studies. Finally, some trend analyses of MDS research are given. Conclusion: Our results suggest the need for addressing multiple security concerns more systematically and simultaneously, for tool chains supporting the MDS development cycle, and for more empirical studies on the application of MDS methodologies. To the best of our knowledge, this SLR is the first in the field of Software Engineering that combines a snowballing strategy with database searching. This combination has delivered an extensive literature study on MDS.
منابع مشابه
An extensive systematic review on the Model-Driven Development of secure systems
Context: Model-Driven Security (MDS) is as a specialised Model-Driven Engineering research area for supporting the development of secure systems. Over a decade of research onMDS has resulted in a large number
متن کاملData-Driven Approaches to Improve the Quality of Clinical Processes: A Systematic Review
Background: Considering the emergence of electronic health records and their related technologies, an increasing attention is paid to data driven approaches like machine learning, data mining, and process mining. The aim of this paper was to identify and classify these approaches to enhance the quality of clinical processes. Methods: In order to determine the knowledge related to the research ...
متن کاملA systematic review of security requirements engineering
a r t i c l e i n f o One of the most important aspects in the achievement of secure software systems in the software development process is what is known as Security Requirements Engineering. However, very few reviews focus on this theme in a systematic, thorough and unbiased manner, that is, none of them perform a systematic review of security requirements engineering, and there is not, there...
متن کاملA Systematic Review of Banking Business Models with an Approach to Sustainable Development
Modern banks have shifted their function as purely administrative, economic and industrial entities into socio-political institutions that must be sensitive to the surrounding environment. This function has always been neglected. This study was conducted based on primary, secondary, and tertiary data and reviews the full text of 75 studies selected from more than 245 studies. The selected elect...
متن کاملTowards a Systematic Development of Secure Systems
In this paper we outline a new process model for security engineering. This process model extends object oriented, use case driven software development by the systematic treatment of security related issues. We introduce the notion of security aspects describing security relevant requirements and measures at a certain level of abstraction. We define a micro-process for security analysis support...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- CoRR
دوره abs/1505.06557 شماره
صفحات -
تاریخ انتشار 2015