Identifying potential vulnerabilities in software designs
Authors
Advisor
Issue Date
Keyword
Degree
Department
Other Identifiers
CardCat URL
Abstract
Software engineers currently rely on lengthy source code reviews, testing, and static analysis tools to attempt identification of software vulnerabilities. While these are sometimes effective, the methods used are limited and don't catch all security vulnerabilities.Work has been done in identifying areas of software prone to failure through a design metrics approach, and with success. This study aims to extend this idea to software security. The premise of this thesis is that the set of security vulnerabilities overlaps (or may be a subset of) the overall set of software bugs and failures. It is postulated that a good, reliable design should also be a secure design. This thesis identifies design issues which may lead to security vulnerabilities and proposes possible design metric enhancements to capture these design properties.