Case Base for Secure Software Development Using Software Security Knowledge Base

• Published in: 2015 IEEE 39th Annual Computer Software and Applications Conference Vol. 3; pp. 97 - 103
• Main Authors: Hazeyama, Atsuo, Saito, Masahito, Yoshioka, Nobukazu, Kumagai, Azusa, Kobashi, Takanori, Washizaki, Hironori, Kaiya, Haruhiko, Okubo, Takao
• Format: Conference Proceeding Journal Article
• Language: English
• Published: IEEE 01.07.2015
• Subjects: Applications programs; Authentication; case base; Computer information security; Computer programs; Computer simulation; Force; Guidelines; Knowledge base; knowledge base for secure software development; Knowledge based systems; secure software development process; Software; Software development; Tasks; Unified modeling language
• ISSN: 0730-3157
• DOI: 10.1109/COMPSAC.2015.86

The importance of software security technologies has been gaining attention due to the increase in services on the Internet. Various technologies regarding software security have been developed. However, we believe knowledge regarding software security is not integrated, therefore, we have been developing a knowledge base for secure software development. We previously proposed a learning model that associates artifacts created in secure software development with knowledge in the knowledge base as design rationale. However, only a few case studies that addressed a full life cycle for secure software development have been reported. To mitigate this lack in reported case studies, Okubo et al. Created a common task regarding software security. In this study, we developed a case base of secure software development whose artifacts are associated with the knowledge base using this common task as a case.