Project Details

TraceSEC – Tracing and Explaining Security in Software Engineering

Subject Area Software Engineering and Programming Languages
Term since 2022
Project identifier Deutsche Forschungsgemeinschaft (DFG) - Project number 500462081
 
Software is often unnecessarily insecure, since many software developers are not sufficiently familiar with security. Several issues need to be addressed consistently:

1. During development, security-related artifacts must be integrated into the development process.
2. Development flaws can cause security problems in use. Problem analysis should identify causes of security problems rooted in development.
3. Developers should learn continuously from development considerations and problem analysis to prevent future incidents and improve security.

Research Vision: Quality models are used to organize security-related information on several levels of detail. Tracing of security-related activities with artifacts and with the quality model will address all three core challenges at once: development, problem analysis, and learning. We envision software organizations creating traces related to security, and comparing and reusing them via soft matching and intelligent operations. Automated support and human judgment will join forces and make TraceSEC a truly socio-technical approach. TraceSEC introduces a special kind of socio-technical explainability of security-related activities: the ability of a development organization to explain to its members why a certain security measure was taken, how a vulnerability was mitigated, and how the experience gained is fed into individual human learning.

Scientific challenges: To achieve high security quality, we identify relevant traces, artifacts, and activities. A main scientific challenge is to define criteria for identifying relevant elements. Relevant traces will then be captured as trace links, interpreted, and combined to obtain semantically meaningful collections of traces. They can be compared with each other to find similar traces and cases for reuse. For example, the collection of trace links from previous projects can point to recurring problems and patterns of solutions. We envision recognizing recurring problems and solutions.

We reuse the knowledge engrained in collections of traces for learning: Traces can be harvested and turned into examples of security issues from real cases. Training material can be generated following those traces, showing artifacts and decisions in context. It is challenging to identify what is relevant in the informal, formal, heuristic, and measurable facets of security. The overarching opportunity and challenge in TraceSEC is to reuse results from one activity (development, problem analysis, learning) in the others. This is a key concept in this proposal.

Key Contributions: We combine quality models and tracing to cover informal and formal activities in a socio-technical environment. TraceSEC will provide explainability of the security properties of the resulting software. We plan to integrate our approach into standard/waterfall and agile processes and investigate how well the methodology supports the security of the developed software.
DFG Programme Research Grants
 
 
