Description

In order to develop secure software, the “security by design” paradigm emerged in recent years. It emphasizes to take security into account early on in the SDLC instead of plugging it in later. Consequently, the secure system design is a central objective when following this paradigm. However, up to date there is a lack of support in designing these.

The SCAM research project seeks to develop a novel architecture modeling approach that utilizes conceptual properties of secure design solutions to give design recommendations for the security requirements of a software system. For this, it aims to use a knowledge base of security design patterns and resolve these with the security requirements that must be satisfied by the software system’s architecture.

To compare the SCAM approach to other existing methods, tools and techniques, in this thesis an extensive comparison study shall be conducted. First, the student should apply the SLR method to construct a meaningful search string. With this search string he or she shall systematically search scientific databases for relevant methods, tools and techniques to design secure software systems. Next, these results shall be classified by meaningful parameters, such as what the overall approach is or what kinds of systems they are used for. Lastly, an in-depth comparison of these results shall be presented and discussed.