MOSTRO (2004-2007)

MOSTRO was funded by the „Fondo provinciale per i progetti di ricerca” of the Provincia Autonoma of Trento.

Context:

Although security concerns are central to organizations, they rarely affect software design and development. This simple observation explains why software problems nowadays are mainly due to security design flaws. These kinds of flaws are hard to detect, and are often the major cause of system reorganization and adjustments, which are notoriously expensive processes. Several factors contribute to this situation: first, security is a non-functional requirement, so it is hard to capture with standard software design techniques; second, security is mainly a social and not a technical problem, so it is hard to capture in standard design languages; lastly, there is no homogeneous way to represent security concerns at different levels of software description, so it is hard to trace security issues through the phases of software development.

Aim:

The MOSTRO project aims at detecting and isolating security flaws in the very early stages of software design and development, taking into account the reasons for the existence of ineffective practices in software design. The project is based on an interdisciplinary approach to the security problem that combines techniques from ontological analysis, security modelling, multi-agent reasoning, and systems engineering in order to formally characterize security concerns in a coherent and verifiable way at all stages of software design and development. To achieve this, an ontology of organizations will be developed, paying particular attention to social interaction within organizations as it relates to security requirements. Relying on this ontology, the project will consider formal reasoning techniques and algorithms that allow the analysis of organization and system models with respect to security. The methodology itself will consist of a set of guidelines to be used in the everyday practice of requirements engineering. A specific case study related to security problems will be defined in the early phase of the project. It will serve to elicit real-world information for the ontological analysis and to validate the methodology.