@article{155, keywords = {ASCE plug-in, OTS component assessment, Safety case core, security, vulnerability, web service}, author = {Kateryna Netkachova}, title = {Model and Implementation of Safety Case Cores}, abstract = {
The paper introduces a general concept of Safety Case Core, which is an extension of the Safety Case methodology. The definition of the safety case core is provided, the scope, principles and structure of a core are outlined, and a general set-theoretical model is presented. An approach to tracking and managing vulnerability information, assessing security and reliability characteristics of ready-made software components is discussed. To demonstrate the practical relevance and applicability of the proposed approach, a safety case core for assessing off-the-shelf components is developed. The database schema of the developed safety case core, modelled using the entity-relationship diagram, is presented; the important design and implementation details and techniques are outlined. The integration of the core with ASCE software tool as a plug-in and implementation as a web service for off-the-shelf component assessment are presented.
}, year = {2012}, journal = {Information & Security: An International Journal}, volume = {28}, number = {23}, pages = {286-295}, month = {2012}, doi = {http://dx.doi.org/10.11610/isij.2823}, language = {eng}, }