Prof. Dr. Maritta Heisel
Room BB 919
Phone: +49 203 379 3465
Fax: +49 379 4490
E-Mail: maritta.heisel[at]uni-duisburg-essen.de

Research
  • Compliance
    Publications:


    Year | Title | Author | Journal/Proceedings | Publisher
    2017 A structured and systematic model-based development method for automotive systems, considering the OEM/supplier interface Beckers, K., Côté, I., Frese, T., Hatebur, D. & Heisel, M. Reliability Engineering & System Safety    
    Abstract: The released ISO 26262 standard for automotive systems requires to create a hazard analysis and risk assessment and to create safety goals, to break down these safety goals into functional safety requirements in the functional safety concept, to specify technical safety requirements in the safety requirements specification, and to perform several validation and verification activities. Experience shows that the definition of technical safety requirements and the planning and execution of validation and verification activities have to be done jointly by OEMs and suppliers. In this paper, we present a structured and model-based safety development approach for automotive systems. The different steps are based on Jackson's requirements engineering. The elements are represented by a UML notation extended with stereotypes. The UML model enables a rigorous validation of several constraints. We make use of the results of previously published work to be able to focus on the OEM/supplier interface. We illustrate our method using a three-wheeled-tilting control system (3WTC) as running example and case study.
    BibTeX:
    @article{Beckers2016-4,
      year = {2017},
      title = {A structured and systematic model-based development method for automotive systems, considering the OEM/supplier interface},
      author = {Beckers, Kristian and C{\^{o}}t{\'{e}}, Isabelle and Frese, Thomas and Hatebur, Denis and Heisel, Maritta},
      journal = {Reliability Engineering \& System Safety},
      volume = {158},
      pages = {172 - 184},
      note = {Special Sections : Reliability and Safety Certification of Software-Intensive Systems},
      url = {http://www.sciencedirect.com/science/article/pii/S0951832016304057},
      doi = {10.1016/j.ress.2016.08.018}
    }
    
    2017 Deriving Safety Requirements according to ISO 26262 for complex systems: A method applied in the automotive industrie Frese, T., Heisel, M., Hatebur, D. & Côté, I. Innovative Produkte und Dienstleisungen in der Mobilität    
    BibTeX:
    @article{mobi2017,
      year = {2017},
      title = {Deriving Safety Requirements according to ISO 26262 for complex systems: A method applied in the automotive industrie},
      author = {Frese, Thomas and Heisel, Maritta and Hatebur, Denis and C{\^{o}}t{\'{e}}, Isabelle},
      journal = {Innovative Produkte und Dienstleisungen in der Mobilit{\"{a}}t},
      volume = {Wissenschaftsforum Mobilit{\"{a}}t 8},
      pages = {211-222}
    }
    
    2015 A Structured Validation and Verification Method for Automotive Systems considering the OEM/Supplier Interface Beckers, K., Côté, I., Frese, T., Hatebur, D. & Heisel, M. Proceedings of the International Conference on Computer Safety, Reliability and Security (SAFECOMP)   Springer  
    Abstract: The released ISO 26262 standard for automotive systems requires several validation and verification activities. These validation and verification activities have to be planned and performed jointly by the OEMs and the suppliers. In this paper, we present a systematic, structured and model-based method to plan the required validation and verification activities and collect the results. Planning and the documentation of performed activities are represented by a UML notation extended with stereotypes. The UML model supports the creation of the artifacts required by ISO 26262, enables document generation and a rigorous check of several constraints expressed in OCL. We illustrate our method using the example of an electronic steering column lock system.
    BibTeX:
    @inproceedings{fs2015,
      year = {2015},
      title = {A Structured Validation and Verification Method for Automotive Systems considering the OEM/Supplier Interface},
      booktitle = {Proceedings of the International Conference on Computer Safety, Reliability and Security (SAFECOMP)},
      author = {Beckers, Kristian and C{\^{o}}t{\'{e}}, Isabelle and Frese, Thomas and Hatebur, Denis and Heisel, Maritta},
      publisher = {Springer},
      volume = {9337},
      pages = {90 - 107},
      url = {www.springer.com}
    }
    
    2014 Supporting Common Criteria Security Analysis with Problem Frames Beckers, K., Hatebur, D. & Heisel, M. Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA)   Innovative Information Science & Technology Research Group (ISYOU)  
    Abstract: Security standards, e.g., the Common Criteria (ISO 15408), are applied by software vendors to establish a level of confidence that the security functionality of their products and their applied assurance measures are sufficient. To get a Common Criteria certification, a comprehensible set of documents is necessary, including a detailed threat analysis and security objective elicitation. We focus on improving the Common Criteria threat analysis and the derivation of security objectives in our work.
    Our method is based upon an attacker model, which considers different attacker types, e.g., software attackers, that threaten only specific parts of a system. We provide tool support for checking the consistency and the completeness of the specified software systems using OCL expressions. For example, we check if all types of attackers have been considered for a specific domain, we check for all software domains that either a software attacker is considered or an assumption is documented that excludes software attackers, and we check if all threats are addressed by security objectives. Moreover, we can generate tables and texts from our UML models to satisfy the Common Criteria documentation demands. For instance, we can generate a Common Criteria-specific cross-table, which maps every security objective and assumption to a specific threat. The consistency checks are integrated in our structured method for threat analysis that considers the Common Criteria's (CC) demands for documentation of the system in its environment and the reasoning that all threats are discovered and addressed. With our support tool UML4PF (which extends a UML tool and contains, e.g., a UML profile and an OCL validator), we support security reasoning and validation of models, and we are able to generate Common Criteria-compliant documentation using model-to-text transformations. Our threat analysis method can also be used for threat analysis without the Common Criteria, because it uses a specific part of the UML profile that can be adapted to other demands with little effort. For example, it could be adapted for other security standards like ISO 27001. We illustrate our approach with the development of a smart metering gateway system.
    BibTeX:
    @article{Beckers2014-Jowua,
      year = {2014},
      title = {Supporting Common Criteria Security Analysis with Problem Frames},
      author = {Beckers, Kristian and Hatebur, Denis and Heisel, Maritta},
      journal = {Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA)},
      publisher = {Innovative Information Science \& Technology Research Group (ISYOU)},
      volume = {5},
      number = {1},
      pages = {37-63},
      url = {http://isyou.info/}
    }
    
    2014 A Meta-Pattern and Pattern Form For Context-Patterns Beckers, K., Faßbender, S. & Heisel, M. Proceedings of the 19th European Conference on Pattern Languages of Programs (Europlop)   ACM  
    Abstract: In a previous EuroPlop publication we introduced a catalog of context-patterns. We described common structures and stakeholders for several different domains in our context-patterns. The common elements of the context were obtained from observations about the domain in terms of standards, domain-specific publications, and implementations. Whenever a system-to-be is already described by a context-pattern, one can use this context-pattern to elicit domain knowledge via instantiation of the context-pattern. Moreover, we analyzed the common concepts in our context-patterns and created a meta-model to describe the relations between these concepts. This meta-model was the initial step towards a pattern language for context-patterns. In this work, we show the consequent next step for the definition of a pattern language for context-patterns.
    BibTeX:
    @inproceedings{BeckersFassbender2014-europlop-A,
      year = {2014},
      title = {A Meta-Pattern and Pattern Form For Context-Patterns},
      booktitle = {Proceedings of the 19th European Conference on Pattern Languages of Programs (Europlop)},
      author = {Beckers, Kristian and Fa{\ss}bender, Stephan and Heisel, Maritta},
      publisher = {ACM},
      series = {EuroPloP'14},
      pages = {5:1--5:23},
      url = {http://doi.acm.org/10.1145/2721956.2721979},
      doi = {10.1145/2721956.2721979}
    }
    
    2014 A Threat Analysis Methodology for Smart Home Scenarios Beckers, K., Faßbender, S., Heisel, M. & Suppan, S. Smart Grid Security, Proceedings of the Second International Workshop (SmartGridSec)   Springer  
    Abstract: A smart grid is envisioned to enable a more economic, environmentally friendly, sustainable and reliable supply of energy. But significant security concerns have to be addressed for the smart grid; dangers range from threatened availability of energy to threats to customer privacy. This paper presents a structured method for identifying security threats in the smart home scenario and in particular for analyzing their severity and relevance. The method is also able to unveil new threats, not discussed in the literature before. The smart home scenario is represented by a context-pattern, which is a specific kind of pattern for the elicitation of domain knowledge [5]. Hence, by exchanging the smart home pattern for a context-pattern for another domain, e.g., clouds, our method can be used for these other domains as well. The proposal is based on Microsoft's Security Development Lifecycle (SDL) [4], which uses Data Flow Diagrams, but proposes new alternatives for scenario definition and asset identification based on context-patterns. These alleviate the lack of scalability of the SDL. In addition, we present Attack Path DFDs, which show how an attacker can compromise the system.
    BibTeX:
    @inproceedings{BFassbenderHS2014,
      year = {2014},
      title = {A Threat Analysis Methodology for Smart Home Scenarios},
      booktitle = {Smart Grid Security, Proceedings of the Second International Workshop (SmartGridSec)},
      author = {Beckers, Kristian and Fa{\ss}bender, Stephan and Heisel, Maritta and Suppan, Santiago},
      publisher = {Springer},
      volume = {8448},
      series = {Lecture Notes in Computer Science},
      pages = {94-124},
      url = {http://link.springer.com/chapter/10.1007/978-3-319-10329-7_7},
      doi = {10.1007/978-3-319-10329-7_7}
    }
    
    2014 ISMS-CORAS: A Structured Method for Establishing an ISO 27001 Compliant Information Security Management System Beckers, K., Heisel, M., Solhaug, B. & Stølen, K. Advances in Engineering Secure Future Internet Services and Systems   Springer  
    BibTeX:
    @inproceedings{BHSS2014,
      year = {2014},
      title = {ISMS-CORAS: A Structured Method for Establishing an ISO 27001 Compliant Information Security Management System},
      booktitle = {Advances in Engineering Secure Future Internet Services and Systems},
      author = {Beckers, Kristian and Heisel, Maritta and Solhaug, Bj{\o}rnar and St{\o}len, Ketil},
      publisher = {Springer},
      number = {8431},
      series = {LNCS State-of-the-Art Surveys},
      pages = {315-344},
      url = {https://link.springer.com/}
    }
    
    2014 A Computer Aided Process From Problems to Laws in Requirements Engineering Faßbender, S. & Heisel, M. Software Technologies   Springer  
    Abstract: In today's world many products and services are highly dependent on software and information systems. With the growing importance of IT systems, legislators worldwide decided to regulate and enforce laws for IT systems. With respect to this situation, the impact of compliance on the development of IT systems becomes more and more severe. Hence, software engineers have a need for techniques to deal with compliance. But identifying relevant compliance regulations for IT systems is a challenging task. We proposed patterns and a structured method to tackle these problems [1]. A crucial step is the transformation of requirements into a structure which allows for the identification of laws. The transformation step was described in general in [2]. This work describes a method to structure the requirements, elicit the needed domain knowledge and transform requirements into law identification pattern instances. The manual execution of this method was reported by us to be time consuming and tedious. Hence, in this work we identify the points for (semi-)automation, and we outline a first implementation for the automation. We present our results using a voting system as an example, which was obtained from the ModIWa DFG project and the Common Criteria profile for voting systems.
    BibTeX:
    @inproceedings{FassbenderH13_SDT,
      year = {2014},
      title = {A Computer Aided Process From Problems to Laws in Requirements Engineering},
      booktitle = {Software Technologies},
      author = {Fa{\ss}bender, Stephan and Heisel, Maritta},
      publisher = {Springer},
      volume = {457},
      series = {Communications in Computer and Information Science},
      pages = {215-234},
      url = {http://link.springer.com/chapter/10.1007%2F978-3-662-44920-2_14},
      doi = {10.1007/978-3-662-44920-2_14}
    }
    
    2014 A Structured Comparison of Security Standards Beckers, K., Côté, I., Fenz, S., Hatebur, D. & Heisel, M. Advances in Engineering Secure Future Internet Services and Systems   Springer  
    Abstract: A number of different security standards exist and it is difficult to choose the right one for a particular project or to evaluate if the right standard was chosen for a certification. These standards are often long and complex texts, whose reading and understanding takes up a lot of time. We provide a conceptual model for security standards that relies upon existing research and contains concepts and phases of security standards. In addition, we developed a template based upon this model, which can be instantiated for a given security standard. These instantiated templates can be compared and help software and security engineers to understand the differences between security standards. In particular, the instantiated templates explain which information and what level of detail a system document according to a certain security standard contains. We applied our method to the well-known international security standards ISO 27001 and Common Criteria, as well as the German IT-Grundschutz standards.
    BibTeX:
    @inproceedings{Lopez2014,
      year = {2014},
      title = {A Structured Comparison of Security Standards},
      booktitle = {Advances in Engineering Secure Future Internet Services and Systems},
      author = {Beckers, Kristian and C{\^{o}}t{\'{e}}, Isabelle and Fenz, Stefan and Hatebur, Denis and Heisel, Maritta},
      publisher = {Springer},
      number = {8431},
      series = {LNCS State-of-the-Art Surveys},
      pages = {1-34},
      url = {http://www.springerlink.com/}
    }
    
    2014 Enhancing Problem Frames with Trust and Reputation for Analyzing Smart Grid Security Requirements Moyano, F., Fernandez-Gago, C., Beckers, K. & Heisel, M. Proceedings of the Second Open EIT ICT Labs Workshop on Smart Grid Security (SmartGridSec14)   Springer  
    BibTeX:
    @inproceedings{MGBH2014,
      year = {2014},
      title = {Enhancing Problem Frames with Trust and Reputation for Analyzing Smart Grid Security Requirements},
      booktitle = {Proceedings of the Second Open EIT ICT Labs Workshop on Smart Grid Security (SmartGridSec14)},
      author = {Moyano, Francisco and Fernandez-Gago, Carmen and Beckers, Kristian and Heisel, Maritta},
      publisher = {Springer},
      series = {LNCS 8448},
      pages = {166 -- 180},
      url = {http://www.springerlink.com/}
    }
    
    2014 Systematic Derivation of Functional Safety Requirements for Automotive Systems Beckers, K., Côté, I., Frese, T., Hatebur, D. & Heisel, M. Proceedings of the International Conference on Computer Safety, Reliability and Security (SAFECOMP)   Springer  
    Abstract: The released ISO 26262 standard for automotive systems requires breaking down safety goals from the hazard analysis and risk assessment into functional safety requirements in the functional safety concept. It has to be justified that the defined functional safety requirements are suitable to achieve the stated safety goals. In this paper, we present a systematic, structured and model-based method to define functional safety requirements using a given set of safety goals. The rationale for safety goal achievement, the relevant attributes of the functional safety requirements, and their relationships are represented by a UML notation extended with stereotypes. The UML model enables a rigorous validation of several constraints expressed in OCL. We illustrate our method using an example electronic steering column lock system.
    BibTeX:
    @inproceedings{safecomp2014,
      year = {2014},
      title = {{Systematic Derivation of Functional Safety Requirements for Automotive Systems}},
      booktitle = {Proceedings of the International Conference on Computer Safety, Reliability and Security (SAFECOMP)},
      author = {Beckers, Kristian and C{\^{o}}t{\'{e}}, Isabelle and Frese, Thomas and Hatebur, Denis and Heisel, Maritta},
      publisher = {Springer},
      series = {LNCS 8666},
      pages = {65--80},
      url = {https://link.springer.com/}
    }
    
    2013 A Problem-based Threat Analysis in compliance with Common Criteria Beckers, K., Hatebur, D. & Heisel, M. Proceedings of the International Conference on Availability, Reliability and Security (ARES)   IEEE Computer Society  
    Abstract: In order to gain their customers' trust, software vendors can certify their products according to security standards, e.g., the Common Criteria (ISO 15408). A Common Criteria certification requires a comprehensible documentation of the software product, including a detailed threat analysis. In our work, we focus on improving that threat analysis. Our method is based upon an attacker model, which considers attacker types like software attackers that threaten only specific parts of a system. We use OCL expressions to check if all attackers for a specific domain have been considered. For example, we propose a computer-aided method that checks if all software systems have either considered a software attacker or documented an assumption that excludes software attackers.
    Hence, we propose a structured method for threat analysis that considers the Common Criteria's (CC) demands for documentation of the system in its environment and the reasoning that all threats are discovered. We use UML4PF, a UML profile and support tool for Jackson's problem frame method, and OCL for supporting security reasoning and validation of models, and also to generate Common Criteria-compliant documentation. Our threat analysis method can also be used for threat analysis without the Common Criteria, because it uses a specific part of the UML profile that can be adapted to other demands with little effort. We illustrate our approach with the development of a smart metering gateway system.
    BibTeX:
    @inproceedings{Beckers2013-ares1,
      year = {2013},
      title = {A Problem-based Threat Analysis in compliance with Common Criteria},
      booktitle = {Proceedings of the International Conference on Availability, Reliability and Security ({ARES})},
      author = {Beckers, Kristian and Hatebur, Denis and Heisel, Maritta},
      publisher = {IEEE Computer Society},
      pages = {111-120},
      url = {http://www.ieee.org/}
    }
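    The two Common Criteria threat-analysis entries above (JoWUA 2014 and ARES 2013) describe the same three model checks: every attacker type is either considered for a domain or excluded by a documented assumption, every threat is addressed by a security objective, and a cross-table maps objectives and assumptions to threats. The following is an added example written for this page, not code from the papers or from the UML4PF tool, which performs those checks over a plain Python threat model instead of OCL over a UML profile. The attacker types, the domain/threat/assumption/objective records and the smart-metering sample model are all constructed here; the papers' own lists are not on this page.

```python
from dataclasses import dataclass

# Attacker types every domain must account for (constructed; the papers' own
# attacker taxonomy is not reproduced on this page).
ATTACKER_TYPES = ("physical", "network", "software")


@dataclass(frozen=True)
class Domain:
    name: str
    kind: str           # e.g. "software", "hardware", "network"


@dataclass(frozen=True)
class Threat:
    id: str
    attacker: str       # one of ATTACKER_TYPES
    domain: str         # name of the threatened domain


@dataclass(frozen=True)
class Assumption:
    id: str
    domain: str
    excludes: tuple     # attacker types ruled out for that domain


@dataclass(frozen=True)
class Objective:
    id: str
    counters: tuple     # ids of the threats this security objective addresses


@dataclass(frozen=True)
class ThreatModel:
    domains: tuple
    threats: tuple
    assumptions: tuple
    objectives: tuple


def uncovered_attackers(model):
    """Completeness check: for every domain, every attacker type is either
    considered by some threat or ruled out by an assumption. Returns the
    (domain, attacker) pairs that are neither. Restricting this to domains of
    kind "software" and the "software" attacker gives exactly the software-
    attacker check the abstracts name."""
    gaps = []
    for d in model.domains:
        considered = {t.attacker for t in model.threats if t.domain == d.name}
        excluded = {a for asm in model.assumptions if asm.domain == d.name
                    for a in asm.excludes}
        gaps.extend((d.name, atk) for atk in ATTACKER_TYPES
                    if atk not in considered and atk not in excluded)
    return gaps


def cross_table(model):
    """CC-style rationale table: one row per objective and per assumption, one
    column per threat, True where the row addresses the threat. An assumption
    addresses a threat when it excludes that threat's attacker type in the
    threat's domain (modelling choice made for this example)."""
    table = {}
    for o in model.objectives:
        table[o.id] = {t.id: t.id in o.counters for t in model.threats}
    for a in model.assumptions:
        table[a.id] = {t.id: t.domain == a.domain and t.attacker in a.excludes
                       for t in model.threats}
    return table


def unaddressed_threats(model):
    """Consistency check: every threat column needs at least one True cell."""
    table = cross_table(model)
    return [t.id for t in model.threats
            if not any(row[t.id] for row in table.values())]


def render_cross_table(model):
    """Model-to-text step: the cross-table as plain text for the CC documents."""
    table = cross_table(model)
    threats = [t.id for t in model.threats]
    width = max(len(row_id) for row_id in table)
    lines = [" " * width + "  " + "  ".join(threats)]
    for row_id, cells in table.items():
        marks = "  ".join(("X" if cells[t] else "-").center(len(t)) for t in threats)
        lines.append(row_id.ljust(width) + "  " + marks)
    return "\n".join(lines)


# Constructed sample: a smart metering gateway in its environment. The domains,
# threats, assumptions and objectives are invented for this example and leave
# two deliberate gaps for the checks to find.
SAMPLE = ThreatModel(
    domains=(Domain("Gateway", "software"), Domain("WAN", "network"),
             Domain("Meter", "hardware")),
    threats=(Threat("T.Eavesdrop", "network", "WAN"),
             Threat("T.Malware", "software", "Gateway"),
             Threat("T.Tamper", "physical", "Meter")),
    assumptions=(Assumption("A.Sealed", "Gateway", ("physical",)),
                 Assumption("A.TrustedCarrier", "WAN", ("physical", "software")),
                 Assumption("A.FixedFirmware", "Meter", ("software",))),
    objectives=(Objective("O.Crypto", ("T.Eavesdrop",)),
                Objective("O.SecureBoot", ("T.Malware",))),
)

if __name__ == "__main__":
    print("attacker types neither considered nor excluded:", uncovered_attackers(SAMPLE))
    print("threats without objective or assumption:", unaddressed_threats(SAMPLE))
    print(render_cross_table(SAMPLE))
```

    On the sample, the completeness check reports that no network attacker was considered or excluded for the Gateway and Meter domains, and the consistency check reports T.Tamper as a threat no objective or assumption addresses; a model that passes both checks is the precondition for the generated cross-table being a valid rationale.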
    
    2013 A Structured and Model-Based Hazard Analysis and Risk Assessment Method for Automotive Systems Beckers, K., Frese, T., Hatebur, D. & Heisel, M. Proceedings of the 24th IEEE International Symposium on Software Reliability Engineering   IEEE Computer Society  
    Abstract: The released ISO 26262 standard requires a hazard analysis and risk assessment for automotive systems to determine the necessary safety measures to be implemented for a certain feature. In this paper, we present a structured and model-based hazard analysis and risk assessment method for automotive systems. The hazard analysis and risk assessment are based on a requirements engineering process using problem frames. Their elements are represented by a UML notation extended with stereotypes. The UML model enables a rigorous validation of several constraints expressed in OCL. We illustrate our method using an electronic steering column lock system.
    BibTeX:
    @inproceedings{Beckers2013-issre,
      year = {2013},
      title = {A Structured and Model-Based Hazard Analysis and Risk Assessment Method for Automotive Systems},
      booktitle = {Proceedings of the 24th IEEE International Symposium on Software Reliability Engineering},
      author = {Beckers, Kristian and Frese, Thomas and Hatebur, Denis and Heisel, Maritta},
      publisher = {IEEE Computer Society},
      pages = {238-247},
      url = {http://www.ieee.org/}
    }
    
    2013 Common Criteria CompliAnt Software Development (CC-CASD) Beckers, K., Faßbender, S., Hatebur, D., Heisel, M. & Côté, I. Proceedings of the 28th Annual ACM Symposium on Applied Computing (SAC)   ACM  
    Abstract: In order to gain their customers' trust, software vendors can certify their products according to security standards, e.g., the Common Criteria (ISO 15408). However, a Common Criteria certification requires a comprehensible documentation of the software product. The creation of this documentation results in high costs in terms of time and money.
    We propose a software development process that supports the creation of the required documentation for a Common Criteria certification. Hence, we do not need to create the documentation after the software is built. Furthermore, we propose to use an enhanced version of the requirements-driven software engineering process called ADIT to discover possible problems with the establishment of Common Criteria documents. We aim to detect these issues before the certification process. Thus, we avoid expensive delays of the certification effort. ADIT provides a seamless development approach that allows consistency checks between different kinds of UML models. ADIT also supports traceability from security requirements to design documents. We illustrate our approach with the development of a smart metering gateway system.
    BibTeX:
    @inproceedings{SAC2013,
      year = {2013},
      title = {{Common Criteria CompliAnt Software Development (CC-CASD)}},
      booktitle = {Proceedings of the 28th Annual ACM Symposium on Applied Computing (SAC)},
      author = {Beckers, Kristian and Fa{\ss}bender, Stephan and Hatebur, Denis and Heisel, Maritta and C{\^{o}}t{\'{e}}, Isabelle},
      publisher = {ACM},
      pages = {1298--1304},
      url = {https://dl.acm.org/citation.cfm?id=2480604}
    }
    
    2012 Using Security Requirements Engineering Approaches to Support ISO 27001 Information Security Management Systems Development and Documentation Beckers, K., Heisel, M., Faßbender, S. & Schmidt, H. Proceedings of the International Conference on Availability, Reliability and Security (ARES)   IEEE Computer Society  
    Abstract: An ISO 27001 compliant information security management system is difficult to create, due to the limited support for system development and documentation provided in the standard.
    We present a structured analysis of the documentation and development requirements in the ISO 27001 standard. Moreover, we investigate to what extent existing security requirements engineering approaches fulfill these requirements. We developed relations between these approaches and the ISO 27001 standard using a conceptual framework originally developed for comparing security requirements engineering methods. The relations include comparisons of important terms, techniques, and documentation artifacts. In addition, we show practical applications of our results.
    BibTeX:
    @inproceedings{Beckers2012-ares4,
      year = {2012},
      title = {Using Security Requirements Engineering Approaches to Support ISO 27001 Information Security Management Systems Development and Documentation},
      booktitle = {Proceedings of the International Conference on Availability, Reliability and Security ({ARES})},
      author = {Beckers, Kristian and Heisel, Maritta and Fa{\ss}bender, Stephan and Schmidt, Holger},
      publisher = {IEEE Computer Society},
      pages = {243-248},
      url = {http://www.ieee.org/}
    }
    
    2012 Supporting the Development and Documentation of ISO 27001 Information Security Management Systems Through Security Requirements Engineering Approaches Beckers, K., Faßbender, S., Heisel, M., Küster, J.-C. & Schmidt, H. Proceedings of the International Symposium on Engineering Secure Software and Systems (ESSoS)   Springer  
    Abstract: Assembling an information security management system according to the ISO 27001 standard is difficult, because the standard provides only sparse support for system development and documentation. We analyse the ISO 27001 standard to determine what techniques and documentation are necessary and instrumental to develop and document systems according to this standard. Based on these insights, we inspect a number of current security requirements engineering approaches to evaluate whether and to what extent these approaches support ISO 27001 system development and documentation. We re-use a conceptual framework originally developed for comparing security requirements engineering methods to relate important terms, techniques, and documentation artifacts of the security requirements engineering methods to ISO 27001.
    BibTeX:
    @inproceedings{essos2012,
      year = {2012},
      title = {Supporting the Development and Documentation of {ISO} 27001 Information Security Management Systems Through Security Requirements Engineering Approaches},
      booktitle = {Proceedings of the International Symposium on Engineering Secure Software and Systems ({ESSoS})},
      author = {Beckers, Kristian and Fa{\ss}bender, Stephan and Heisel, Maritta and K{\"{u}}ster, Jan-Christoph and Schmidt, Holger},
      publisher = {Springer},
      series = {LNCS 7159},
      url = {https://link.springer.com/}
    }
    
    2012 Pattern-based Context Establishment for Service-Oriented Architectures Beckers, K., Faßbender, S., Heisel, M. & Meis, R. Software Service and Application Engineering   Springer  
    Abstract: A context description of a software system and its environment is essential for any given software engineering process. Requirements define statements about the environment (according to Jackson's terminology). The context description of a Service-Oriented Architecture is difficult to provide, because of the variety of technical systems and stakeholders involved. We present two patterns for SOA systems and support their instantiation with a structured method. In addition, we show how the pattern can be used in a secure service development life-cycle.
    BibTeX:
    @inproceedings{sdps2012,
      year = {2012},
      title = {Pattern-based Context Establishment for Service-Oriented Architectures},
      booktitle = {Software Service and Application Engineering},
      author = {Beckers, Kristian and Fa{\ss}bender, Stephan and Heisel, Maritta and Meis, Rene},
      publisher = {Springer},
      series = {LNCS 7365},
      pages = {81-101},
      url = {http://dx.doi.org/10.1007/978-3-642-30835-2_7},
      doi = {10.1007/978-3-642-30835-2_7}
    }
    
    2002 A Problem-Oriented Approach to Common Criteria Certification Rottke, T., Hatebur, D., Heisel, M. & Heiner, M. Proceedings of the 21st International Conference on Computer Safety, Reliability and Security (SAFECOMP)   Springer  
    Abstract: There is an increasing demand to certify the security of systems according to the Common Criteria (CC). The CC distinguish several evaluation assurance levels (EALs), level EAL7 being the highest and requiring the application of formal techniques. We present a method for requirements engineering and (semi-formal and formal) modeling of systems to be certified according to the higher evaluation assurance levels of the CC. The method is problem oriented, i.e. it is driven by the environment in which the system will operate and by a mission statement. We illustrate our approach by an industrial case study, namely an electronic purse card (EPC) to be implemented on a Java Smart Card. As a novelty, we treat the mutual asymmetric authentication of the card and the terminal into which the card is inserted.
    BibTeX:
    @inproceedings{RHH+2002,
      year = {2002},
      title = {A Problem-Oriented Approach to Common Criteria Certification},
      booktitle = {Proceedings of the 21st International Conference on Computer Safety, Reliability and Security (SAFECOMP)},
      author = {Rottke, Thomas and Hatebur, Denis and Heisel, Maritta and Heiner, Monika},
      publisher = {Springer},
      series = {LNCS 2434},
      pages = {334--346},
      url = {https://link.springer.com/}
    }
    

    Created by JabRef on 13/03/2018.

  • Formal Methods [Publications]
  • Methodology [Publications]
  • Patterns [Publications]
  • Privacy [Publications]
  • Requirements Engineering [Publications]
  • Safety [Publications]
  • Security [Publications]
  • Software Architecture [Publications]
  • Software Quality [Publications]
  • Test [Publications]