Towards a requirements-driven workbench for supporting software certification and accreditation

Seok Won Lee; Robin A. Gandhi; Siddharth Wagle

doi:10.1109/SESS.2007.11

Towards a requirements-driven workbench for supporting software certification and accreditation

Seok Won Lee, Robin A. Gandhi, Siddharth Wagle

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

12 Scopus citations

Abstract

Security certification activities for software systems rely heavily on requirements mandated by regulatory documents and their compliance evidences to support accreditation decisions. Therefore, the design of a workbench to support these activities should be grounded in a thorough understanding of the characteristics of certification requirements and their relationships with certification activities. To this end, we utilize our findings from the case study of a certification process of The United States Department of Defense (DoD) to identify the design objectives of a requirements-driven workbench for supporting certification analysts. The primary contributions of this paper are: identifying key areas of automation and tool support for requirements-driven certification activities; an ontology-driven dynamic and flexible workbench architecture to address process variability; and a prototype implementation.

Original language	English (US)
Title of host publication	Proceedings - ICSE 2007 Workshops
Subtitle of host publication	Third International Workshop on Software Engineering for Secure Systems, SESS'07
Publisher	IEEE Computer Society
Pages	8-14
Number of pages	7
ISBN (Print)	0769529526, 9780769529523
DOIs	https://doi.org/10.1109/SESS.2007.11
State	Published - 2007
Externally published	Yes
Event	ICSE 2007 Workshops: Third International Workshop on Software Engineering for Secure Systems, SESS'07 - Minneapolis, MN, United States Duration: May 20 2007 → May 26 2007

Publication series

Name	Proceedings - ICSE 2007 Workshops: Third International Workshop on Software Engineering for Secure Systems, SESS'07

Conference

Conference	ICSE 2007 Workshops: Third International Workshop on Software Engineering for Secure Systems, SESS'07
Country/Territory	United States
City	Minneapolis, MN
Period	5/20/07 → 5/26/07

ASJC Scopus subject areas

Software
Automotive Engineering
Mechanical Engineering

Access to Document

10.1109/SESS.2007.11

Cite this

Lee, S. W., Gandhi, R. A., & Wagle, S. (2007). Towards a requirements-driven workbench for supporting software certification and accreditation. In Proceedings - ICSE 2007 Workshops: Third International Workshop on Software Engineering for Secure Systems, SESS'07 (pp. 8-14). Article 4273334 (Proceedings - ICSE 2007 Workshops: Third International Workshop on Software Engineering for Secure Systems, SESS'07). IEEE Computer Society. https://doi.org/10.1109/SESS.2007.11

Towards a requirements-driven workbench for supporting software certification and accreditation. / Lee, Seok Won; Gandhi, Robin A.; Wagle, Siddharth.
Proceedings - ICSE 2007 Workshops: Third International Workshop on Software Engineering for Secure Systems, SESS'07. IEEE Computer Society, 2007. p. 8-14 4273334 (Proceedings - ICSE 2007 Workshops: Third International Workshop on Software Engineering for Secure Systems, SESS'07).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Lee, SW, Gandhi, RA & Wagle, S 2007, Towards a requirements-driven workbench for supporting software certification and accreditation. in Proceedings - ICSE 2007 Workshops: Third International Workshop on Software Engineering for Secure Systems, SESS'07., 4273334, Proceedings - ICSE 2007 Workshops: Third International Workshop on Software Engineering for Secure Systems, SESS'07, IEEE Computer Society, pp. 8-14, ICSE 2007 Workshops: Third International Workshop on Software Engineering for Secure Systems, SESS'07, Minneapolis, MN, United States, 5/20/07. https://doi.org/10.1109/SESS.2007.11

Lee SW, Gandhi RA, Wagle S. Towards a requirements-driven workbench for supporting software certification and accreditation. In Proceedings - ICSE 2007 Workshops: Third International Workshop on Software Engineering for Secure Systems, SESS'07. IEEE Computer Society. 2007. p. 8-14. 4273334. (Proceedings - ICSE 2007 Workshops: Third International Workshop on Software Engineering for Secure Systems, SESS'07). doi: 10.1109/SESS.2007.11

Lee, Seok Won ; Gandhi, Robin A. ; Wagle, Siddharth. / Towards a requirements-driven workbench for supporting software certification and accreditation. Proceedings - ICSE 2007 Workshops: Third International Workshop on Software Engineering for Secure Systems, SESS'07. IEEE Computer Society, 2007. pp. 8-14 (Proceedings - ICSE 2007 Workshops: Third International Workshop on Software Engineering for Secure Systems, SESS'07).

@inproceedings{66a6fe204be547f4ba204820b4dd3a3a,

title = "Towards a requirements-driven workbench for supporting software certification and accreditation",

abstract = "Security certification activities for software systems rely heavily on requirements mandated by regulatory documents and their compliance evidences to support accreditation decisions. Therefore, the design of a workbench to support these activities should be grounded in a thorough understanding of the characteristics of certification requirements and their relationships with certification activities. To this end, we utilize our findings from the case study of a certification process of The United States Department of Defense (DoD) to identify the design objectives of a requirements-driven workbench for supporting certification analysts. The primary contributions of this paper are: identifying key areas of automation and tool support for requirements-driven certification activities; an ontology-driven dynamic and flexible workbench architecture to address process variability; and a prototype implementation.",

author = "Lee, {Seok Won} and Gandhi, {Robin A.} and Siddharth Wagle",

year = "2007",

doi = "10.1109/SESS.2007.11",

language = "English (US)",

isbn = "0769529526",

series = "Proceedings - ICSE 2007 Workshops: Third International Workshop on Software Engineering for Secure Systems, SESS'07",

publisher = "IEEE Computer Society",

pages = "8--14",

booktitle = "Proceedings - ICSE 2007 Workshops",

note = "ICSE 2007 Workshops: Third International Workshop on Software Engineering for Secure Systems, SESS'07 ; Conference date: 20-05-2007 Through 26-05-2007",

}

TY - GEN

T1 - Towards a requirements-driven workbench for supporting software certification and accreditation

AU - Lee, Seok Won

AU - Gandhi, Robin A.

AU - Wagle, Siddharth

PY - 2007

Y1 - 2007

N2 - Security certification activities for software systems rely heavily on requirements mandated by regulatory documents and their compliance evidences to support accreditation decisions. Therefore, the design of a workbench to support these activities should be grounded in a thorough understanding of the characteristics of certification requirements and their relationships with certification activities. To this end, we utilize our findings from the case study of a certification process of The United States Department of Defense (DoD) to identify the design objectives of a requirements-driven workbench for supporting certification analysts. The primary contributions of this paper are: identifying key areas of automation and tool support for requirements-driven certification activities; an ontology-driven dynamic and flexible workbench architecture to address process variability; and a prototype implementation.

AB - Security certification activities for software systems rely heavily on requirements mandated by regulatory documents and their compliance evidences to support accreditation decisions. Therefore, the design of a workbench to support these activities should be grounded in a thorough understanding of the characteristics of certification requirements and their relationships with certification activities. To this end, we utilize our findings from the case study of a certification process of The United States Department of Defense (DoD) to identify the design objectives of a requirements-driven workbench for supporting certification analysts. The primary contributions of this paper are: identifying key areas of automation and tool support for requirements-driven certification activities; an ontology-driven dynamic and flexible workbench architecture to address process variability; and a prototype implementation.

UR - http://www.scopus.com/inward/record.url?scp=38549174781&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=38549174781&partnerID=8YFLogxK

U2 - 10.1109/SESS.2007.11

DO - 10.1109/SESS.2007.11

M3 - Conference contribution

AN - SCOPUS:38549174781

SN - 0769529526

SN - 9780769529523

T3 - Proceedings - ICSE 2007 Workshops: Third International Workshop on Software Engineering for Secure Systems, SESS'07

SP - 8

EP - 14

BT - Proceedings - ICSE 2007 Workshops

PB - IEEE Computer Society

T2 - ICSE 2007 Workshops: Third International Workshop on Software Engineering for Secure Systems, SESS'07

Y2 - 20 May 2007 through 26 May 2007

ER -

Towards a requirements-driven workbench for supporting software certification and accreditation

Abstract

Publication series

Conference

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this