  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
1

Secure Application Development / Static Application Security Testing (SAST)

Alwan, Alaa January 2022
Security testing is a widely applied measure to evaluate and improve software security by identifying vulnerabilities and ensuring security requirements related to properties like confidentiality, integrity, and availability. A confidentiality policy guarantees that attackers will not be able to expose secret information. In the context of software programs, the output that attackers observe will not carry any information about the confidential input information. Integrity is the dual of confidentiality, i.e., unauthorized and untrusted data provided to the system will not affect or modify the system’s data. Availability means that systems must be available at a reasonable time. Information flow control is a mechanism to enforce confidentiality and integrity. An accurate security assessment is critical in an age when the open nature of modern software-based systems makes them vulnerable to exploitation. Security testing that verifies and validates software systems is prone to false positives, false negatives, and other such errors, requiring more resilient tools to provide an efficient way to evaluate the threats and vulnerabilities of a given system. Therefore, the newly developed tool Reax controls information flow in Java programs by synthesizing conditions under which a method or an application is secure. Reax is a command-line application, and it is hard for developers to use. This project has as its primary goal the integration of Reax by introducing a plugin for Java IDEs to perform an advanced analysis of security flaws. Specifically, by design, a graphical plugin performs advanced security analysis that detects and reacts directly to security flaws within the graphical widget toolkit environment (SWT). As a second important goal, the project proposed a new algorithm to find the root cause of security violations through a graphical interface.
As a result, developers will be able to detect security violations and fix their code during the implementation phase, reducing costs.
2

Cybersecurity on the Road: Secure Software Development in the Automotive Industry (Cybersäkerhet på väg : Säker mjukvaruutveckling i fordonsindustrin)

Alfredsson, Anders January 2023
Modern road vehicles are controlled by software to a greater degree than before, and it is also common for them to have some form of internet connection. For the vehicles to be able to meet the security requirements placed on them, it is therefore important that the software is developed in a secure way and under secure conditions. This case study uses structured interviews to examine how some people who work with software development in the automotive industry describe the work with security in the development process. The result shows that there are a number of different routines and guidelines aimed at creating a secure product from a cybersecurity perspective, but that there is a tendency among some developers to rely on processes and routines when it comes to creating secure software.
