A Data-Driven Approach to Evaluate the Security of System Designs



Samuel, Joe Frederick




Improving system security during the design phase is challenging but can be cost-effective in the long run. Security metrics are a way to measure and manage a system's ability to minimize possible attack opportunities. While several design-level security metrics exist to evaluate vulnerabilities in system design, it is unclear which metrics provide a sound scientific basis for their characterization. Lack of security knowledge among average development teams and the lack of tool support are additional challenges. In this work, we present a data-driven approach for the security evaluation of system designs to address the above challenges. The approach aims to incrementally improve system security and decision-making at design time. We integrate the attack surface metric, which we found to be sound in our evaluation of widely used security metrics, and leverage external data sources to characterize the structural security posture of software systems. Several tools are developed to automate the approach.


System Science
Computer Science




Carleton University

Thesis Degree Name: 

Master of Applied Science: 

Thesis Degree Level: 


Thesis Degree Discipline: Engineering, Electrical and Computer

Parent Collection: Theses and Dissertations

Items in CURVE are protected by copyright, with all rights reserved, unless otherwise indicated. They are made available with permission from the author(s).