Design and Implementation of a Recommender System for Secure System Design


In order to develop secure software, the “security by design” paradigm emerged in recent years. It emphasizes to take security into account early on in the SDLC instead of plugging it in later. Consequently, the secure system design is a central objective when following this paradigm. However, up to date there is a lack of support in designing these.

The SCAM research project seeks to develop a novel architecture modeling approach that utilizes conceptual properties of secure design solutions to give design recommendations for the security requirements of a software system. For this, it aims to use a knowledge base of security design patterns and resolve these with the security requirements that must be satisfied by the software system’s architecture.

In this thesis a first prototype of such a recommender system shall be developed. The main objective is to gain insights into the modeling activities with such a recommender system. Some questions to be answered are: What data does a recommender system need to give security design recommendations? How can such recommendeations look like?

Overall, the thesis shall give an answer to the following overarching research question:

RQ: How can a recommender system be used in the architecture modeling activity to support architects in creating secure software designs?

Since the knowledge base does not yet exist, the student will have to mock it as part of the solution. As a parallel development of the knowledge base is planned, an exchange between the responsible students should take place as part of this work.

This thesis is only available as a master thesis.

Project information


In progress

Thesis for degree:



Patrick Treppmann