Abstract

Architectural threat analysis has become an important cornerstone for organizations concerned with developing secure software. Due to the large number of existing techniques it is becoming more challenging for practitioners to select an appropriate threat analysis technique. Therefore, we conducted a systematic literature review (SLR) of the existing techniques for threat analysis. In our study we compare 26 methodologies for what concerns their applicability, characteristics of the required input for analysis, characteristics of analysis procedure, characteristics of analysis outcomes and ease of adoption. We also provide insight into the obstacles for adopting the existing approaches and discuss the current state of their adoption in software engineering trends (e.g. Agile, DevOps, etc.). As a summary of our findings we have observed that: the analysis procedure is not precisely defined, there is a lack of quality assurance of analysis outcomes and tool support and validation are limited.

Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
UML model refactoring: a systematic literature review
Mohammed Misbhauddin ... Mohammad Alshayeb
Empirical Software Engineering | VOL. 20
Mohammed Misbhauddin, et. al.Mohammed Misbhauddin ... Mohammad Alshayeb
15 Oct 2013
Evaluating the Science to Inform the Physical Activity Guidelines for Americans Midcourse Report
Alison Vaux-Bjerke ... Deborah H John
Journal of healthy eating and active living | VOL. 3
Alison Vaux-Bjerke, et. al. Alison Vaux-Bjerke ... Deborah H John
28 Aug 2023
Methods and Results Report - Evidence and consensus-based (S3) Guidelines for the Treatment of Actinic Keratosis -International League of Dermatological Societies in cooperation with the European Dermatology Forum.
R.N Werner ... S Rosumeck
Journal of the European Academy of Dermatology and Venereology : JEADV | VOL. 29
R.N Werner, et. al.R.N Werner ... S Rosumeck
09 Sep 2015
Systematic Literature Review on Security Risks and its Practices in Secure Software Development
Rafiq Ahmad Khan ... Muhammad Ilyas
IEEE access : practical innovations, open solutions | VOL. 10
Rafiq Ahmad Khan, et. al.Rafiq Ahmad Khan ... Muhammad Ilyas
01 Jan 2021
View more papers

More From: The Journal of Systems & Software

Paper Title
Journal
Date
Author
Editorial Board
-
The Journal of Systems & Software | VOL. 214
--
01 Aug 2024
A systematic literature review on characteristics of the front-end phase of agile software development projects and their connections to project success
Magne Jørgensen
The Journal of Systems & Software | VOL. 216
Magne JørgensenMagne Jørgensen
08 Jul 2024
Technical debt in AI-enabled systems: On the prevalence, severity, impact, and management strategies for code and architecture
Gilberto Recupito ... Fabio Palomba
The Journal of Systems & Software | VOL. 216
Gilberto Recupito, et. al.Gilberto Recupito ... Fabio Palomba
04 Jul 2024
Hybrid quantum architecture for smart city security
Vita Santa Barletta ... Michele Scalera
The Journal of Systems & Software | VOL. -
Vita Santa Barletta, et. al.Vita Santa Barletta ... Michele Scalera
01 Jul 2024
View more papers