A Common Body of Knowledge for Engineering Secure Software and Services

Publication type: Contribution to a collected volume

Schwittek, Widura; Schmidt, Holger; Beckers, Kristian; Eicker, Stefan; Faßbender, Stephan; Heisel, Maritta
Title of the collected volume:
Proceedings of the 7th International Conference on Availability, Reliability and Security


The discipline of engineering secure software and services brings together researchers and practitioners from software, services, and security engineering. This interdisciplinary community is fairly new; it is still not well integrated and is therefore confronted with differing perspectives, processes, methods, tools, vocabularies, and standards. We present a Common Body of Knowledge (CBK) to overcome the aforementioned problems. We capture use cases from research and practice to derive requirements for the CBK. Our CBK collects, integrates, and structures knowledge from the different disciplines based on an ontology that allows one to semantically enrich content to be able to query the CBK. The CBK heavily relies on user participation, making use of the Semantic MediaWiki as a platform to support collaborative writing. The ontology is complemented by a conceptual framework, consisting of concepts to structure the knowledge and to provide access to it, and a means to build a common terminology. We also present organizational factors covering dissemination and quality assurance.