
dc.contributor.author: Volden-Freberg, Vetle
dc.date.accessioned: 2017-12-08T22:27:51Z
dc.date.available: 2017-12-08T22:27:51Z
dc.date.issued: 2017
dc.identifier.citation: Volden-Freberg, Vetle. Development of Tool Support within the Domain of Risk-Driven Security Testing. Master thesis, University of Oslo, 2017
dc.identifier.uri: http://hdl.handle.net/10852/59247
dc.description.abstract: Today, there exists a wide range of services and applications across several platforms that are prone to attacks. Attackers find new ways to exploit malfunctions and vulnerabilities within these systems every day. There is an increase in cyber security risks and targeted attacks towards the public, industry and governments through the use of the web, social media, mobile devices, cloud services and so on. Therefore, security must be considered thoroughly in the software development life cycle, to minimise the risks posed by an attacker, by the intended user of the system, or by other non-human causes that might lead to catastrophic damage to a system. The security testing community has met these challenges by proposing an approach to security testing that is supported by security risk assessment. This approach is commonly referred to as risk-driven security testing and aims to focus testing on the most severe risks a system is exposed to. The field of risk-driven security testing is relatively new and immature; thus, it lacks formality, preciseness and dedicated tool support. As a response to this, the CORAL approach has been proposed. The CORAL approach provides a domain-specific risk analysis language and a method to conduct risk-driven security testing, consequently providing more formality and preciseness. However, the approach needs to be supported by dedicated tooling in order to aid security testers further. This thesis investigates how the CORAL approach can be supported by a tool, in order to fulfil the overall aim of introducing proper tool support for the domain of risk-driven security testing. We propose a tool developed as a plug-in for the Eclipse Papyrus tool, which supports the CORAL approach. The risk analysis language in our tool adopts a textual notation as opposed to the graphical notation defined for the CORAL risk analysis language.
Consequently, as part of the development and evaluation process of the tool, we conducted an empirical study to investigate whether the textual notation adopted by the tool had any impact on comprehensibility in comparison to the graphical notation. The results of our empirical study indicate that there is no significant difference with respect to comprehensibility. Moreover, our results show that the tool is appropriate for security testers in terms of carrying out risk-driven security testing following the CORAL approach, including defining security test cases.
dc.language.iso: eng
dc.subject:
dc.title: Development of Tool Support within the Domain of Risk-Driven Security Testing
dc.type: Master thesis
dc.date.updated: 2017-12-08T22:27:50Z
dc.creator.author: Volden-Freberg, Vetle
dc.identifier.urn: URN:NBN:no-61919
dc.type.document: Masteroppgave
dc.identifier.fulltext: Fulltext https://www.duo.uio.no/bitstream/handle/10852/59247/1/masters_thesis_vetle_volden-freberg.pdf

