CMU-ISRI-06-124 Institute for Software Research School of Computer Science, Carnegie Mellon University
Checking Threat Modeling Data Flow Diagrams Marwan Abi-Antoun*, Daniel Wang**, Peter Torr*** September 2006
CMU-ISRI-06-124.ps
We designed an approach to check the conformance of an implementation with its security architecture. We extended Reflexion Models to compare as-built DFD recovered from the implementation and the as-designed DFD, by increasing its automation and thus its adoptability. We also designed an analysis to assist DFD designers validate their initial DFDs and detect common security design flaws in them. An evaluation of the approach on subsystems from production code showed that it can find omitted or outdated information in existing DFDs. 21 pages
*This work was conducted while an intern at the Center for Software
Excellence at Microsoft Research.
| |
Return to:
SCS Technical Report Collection This page maintained by reports@cs.cmu.edu |