Towards Higher Assurance Software Construction via Aspects

Reference#: P02362

Security evaluations for software systems can be time consuming and expensive endeavors. In particular, the tracing of security requirements into code and the accurate maintenance of that mapping as a system evolves over time can be tedious and error-prone. Currently evaluators must maintain a mapping of security requirements into application code via manual processes. There is a need for an approach to help minimize evaluation cost and time and to improve the overall accuracy.

This JHU/APL technology considers the question of whether it is possible to both (1) improve the quality of security mechanism integration into software intensive systems and (2) lower the time and associated costs for formally evaluating the correctness of the resulting integrated systems. An outcome of the research is a tool which helps various stakeholders in realizing these goals. The tool employs a number of underlying technical mechanisms in its operation, including aspects, annotations, and requirements taxonomies. What we offer: • Improved security • Easier integration • Faster evaluations • Lower costs Potential consumers of a matured version of the tool may include software application developers, security developers, and security evaluators (including evaluation laboratories).

Patent Status: U.S. patents pending.

*This technology is available for licensing.