Abstract
Modern information and distributed systems run for extensive periods of time and are constantly improved in their service objectives under evolving technologies and changing regulations and standards. These systems have become extremely complex, and it is therefore very important that they be dependable so that they execute their functions and purposes correctly or to an acceptable level of service. However, due to the ever-growing complexity of information and distributed systems, it is very difficult to achieve dependability by relying only on conventional technologies such as development processes and formal methods. The idea of the Assurance Case, or D-Case (dependability case), has therefore become increasingly popular. Recently, D-Case, which is an extended form of Assurance Case, has been more commonly associated with the safety aspect of dependability. For this reason, safety cases are better known than those for other aspects of dependability such as availability, integrity and confidentiality, which are all related to the security domain. In this paper, we introduce our new approach to the development of a dependable security case.
Copyright information
© 2013 IFIP International Federation for Information Processing
About this paper
Cite this paper
Patu, V., Yamamoto, S. (2013). A New Approach to Develop a Dependable Security Case by Combining Real Life Security Experiences (Lessons Learned) with D-Case Development Process. In: Cuzzocrea, A., Kittl, C., Simos, D.E., Weippl, E., Xu, L. (eds) Security Engineering and Intelligence Informatics. CD-ARES 2013. Lecture Notes in Computer Science, vol 8128. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40588-4_32
DOI: https://doi.org/10.1007/978-3-642-40588-4_32
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-40587-7
Online ISBN: 978-3-642-40588-4
eBook Packages: Computer Science, Computer Science (R0)