A comprehensive pattern-oriented approach to engineering security methodologies

Anton V. Uzunov a,*, Katrina Falkner a, Eduardo B. Fernandez b

a School of Computer Science, The University of Adelaide, Adelaide, South Australia 5005, Australia
b Department of Computer and Electrical Engineering and Computer Science, Florida Atlantic University, 777 Glades Rd., Boca Raton, FL 33431, United States

Article info

Article history:
Received 7 December 2013
Received in revised form 5 July 2014
Accepted 5 September 2014
Available online 16 September 2014

Keywords: Secure software engineering; Security methodologies; Method engineering; Process patterns; Software security; Modeling

Abstract

Context: Developing secure software systems is an issue of ever-growing importance. Researchers have generally come to acknowledge that to develop such systems successfully, their security features must be incorporated in the context of a systematic approach: a security methodology. There are a number of such methodologies in the literature, but no single security methodology is adequate for every situation, requiring the construction of "fit-to-purpose" methodologies or the tailoring of existing methodologies to the project specifics at hand. While a large body of research exists addressing the same requirement for development methodologies – constituting the field of Method Engineering – there is nothing comparable for security methodologies as such; in fact, the topic has never been studied before in such a context.

Objective: In this paper we draw inspiration from a number of Method Engineering ideas and fill the latter gap by proposing a comprehensive approach to engineering security methodologies.

Method: Our approach is embodied in three interconnected parts: a framework of interrelated security process patterns; a security-specific meta-model; and a meta-methodology to guide engineers in using the latter artefacts in a step-wise fashion.
A UML-inspired notation is used for representing all pattern-based methodology models during design and construction. The approach is illustrated and evaluated by tailoring an existing, real-life security methodology to a distributed-system-specific project situation.

Results: The paper proposes a novel pattern-oriented approach to modeling, constructing, tailoring and combining security methodologies, which is the very first and currently sole such approach in the literature. We illustrate and evaluate our approach in an academic setting, and perform a feature analysis to highlight benefits and deficiencies.

Conclusion: Using our proposal, developers, architects and researchers can analyze and engineer security methodologies in a structured, systematic fashion, taking into account all security methodology aspects.

© 2014 Elsevier B.V. All rights reserved.

1. Introduction

Security in modern software environments is an issue of ever-growing importance, reflected not only in the expanding research literature on the subject, but also in the increase of reported vulnerabilities and their successful exploitation [1–3]. These advances have meant that, on the technical front, it is no longer feasible to apply isolated security strategies such as cryptography for secure communications, COTS monitoring packages and others, to secure only parts or specific aspects of a system [4,5]. Researchers have generally come to acknowledge that for any security strategy to be successful it must be employed within a comprehensive, holistic approach firmly grounded in the principles of software engineering, where the incorporation of security attributes begins from the earliest stages and proceeds throughout the whole software development life-cycle (SDLC) afterwards [6–12]. Such security approaches are necessarily systematic in nature, i.e.
they constitute a "systematic way of doing things in a particular discipline", which, according to Gonzalez-Perez and Henderson-Sellers [13] is what defines a methodology. Since the discipline combining security and software engineering can be designated secure software engineering [5], we can designate these systematic approaches secure software engineering methodologies, or simply security methodologies [14].

* Corresponding author.
E-mail addresses: anton.uzunov@adelaide.edu.au (A.V. Uzunov), katrina.falkner@adelaide.edu.au (K. Falkner), ed@cse.fau.edu (E.B. Fernandez).

Information and Software Technology 57 (2015) 217–247
http://dx.doi.org/10.1016/j.infsof.2014.09.001
0950-5849/© 2014 Elsevier B.V. All rights reserved.