- This event has passed.
Leveraging External Data Sources to Enhance Secure System Design
June 3 @ 6:00 pm - 7:00 pm
Today’s software systems are riddled with security vulnerabilities that invite attack. We envisage a secure software design process at the architectural level, in which the security requirements are adequate, thus enabling appropriate security controls to be implemented to mitigate known threats and vulnerabilities. How can we ensure that the security requirements are adequate? In this talk, we tackle this question by focusing on how external online data sources for vulnerabilities, attack patterns, threat intelligence, and other security information can be leveraged, using Natural Language Processing (NLP), to assist designers in validating the adequacy of the security requirements. This validation is done by determining which requirements map to known threats (identified from the external data), which requirements may be extraneous, and which threats may need a closer look to identify new requirements. We will discuss the availability and nature of the external data sources and describe how we employ NLP to process the data to support the design of secure systems. Speaker(s): Jason Jaskolka, Ottawa, Ontario, Canada, Virtual: https://events.vtools.ieee.org/m/272987