Skip to Main content Skip to Navigation
Conference papers

Integrating Contract-based Security Monitors in the Software Development Life Cycle

Abstract : Software systems, containing security vulnerabilities, continue to be created and released to consumers. We need to adopt improved software engineering practices to reduce the security vulnerabilities in modern systems. These practices should begin with stated security policies and end with systems which are quantitatively, not just qualitatively, more secure. Currently, contracts have been proposed for reliability and formal verification; yet, their use in security is limited. In this work, we propose a contract-based security assertion monitoring framework (CB SAMF) that is intended to reduce the number of security vulnerabilities that are exploitable, spanning multiple software layers, to be used in an enhanced systems development life cycle (SDLC).
Document type :
Conference papers
Complete list of metadata
Contributor : Isabelle Simplot-Ryl Connect in order to contact the contributor
Submitted on : Monday, June 28, 2021 - 10:28:25 AM
Last modification on : Thursday, February 24, 2022 - 3:10:15 AM
Long-term archiving on: : Wednesday, September 29, 2021 - 6:21:55 PM


Files produced by the author(s)


  • HAL Id : inria-00546624, version 1



Alexander M. Hoole, Isabelle Simplot-Ryl, Issa Traoré. Integrating Contract-based Security Monitors in the Software Development Life Cycle. FLACOS 2008 - 2nd Workshop on Formal Languages and Analysis of Contract-Oriented Software, Nov 2008, Malta, Malta. ⟨inria-00546624⟩



Record views


Files downloads