file.pdf (226.53 kB)
Measuring Attack Surface in Software Architecture (CMU-ISR-11-121)
journal contribution
posted on 2012-03-01, 00:00 authored by Jeff Gennari, David GarlanIn this report we show how to adapt the notion of “attack surface” to formally evaluate security properties at the architectural level of design and to identify vulnerabilities in architectural designs. Further we explore the application of this metric in the context of architecture-based transformations to improve security by reducing the attack surface. These transformations are described in detail and validated with a simple experiment.