A Security Property Decomposition Argument Pattern for Structured Assurance Case Models

European Conference on Pattern Languages of Programs 2021 (EuroPLoP 2021)

ACM · 2021

Keywords: Assurance Cases, Security Patterns, Confidentiality, Integrity, Availability, Automotive Security
The Gap

Decomposing a security assurance case to support such an argument can be challenging, because different systems have different security objectives and, consequently, different security requirements. Existing assurance case models lack a structured, reusable pattern for decomposing arguments around security properties such as confidentiality, integrity, and availability.

The Question

How can we construct a compelling, evidence-backed argument that a system actually satisfies its security requirements?

The Approach

We propose a security assurance argument pattern called Security Property Decomposition. The pattern was derived by studying existing security assurance case models and how they decompose their arguments to show that security properties are satisfied. It also takes into account the requirements prescribed by several prominent security standards for developing secure and trustworthy systems in different application domains.

The Transformation

The Security Property Decomposition pattern can be instantiated in different application domains to demonstrate that the security requirements related to the system's functionality have been adequately satisfied. We present an application of the pattern that demonstrates compliance with a relevant security standard in the automotive domain.