Titulo Estágio
Cognitive Mechanisms Analysis for Security Vulnerability
Áreas de especialidade
Engenharia de Software
Sistemas de Informação
Local do Estágio
SSE
Enquadramento
Security vulnerabilities are typically caused by a lack of security controls during system operation or missing precautions early during software development. It is significant to understand the cognitive mechanisms behind the introduction of vulnerabilities, so we could further design preventive strategies at early stages of software development.
Objetivo
This project aims to investigate how security vulnerabilities are introduced by software developers. The approach will include human error theories and software design cognition. The students will learn an interdisciplinary set of knowledge on how developers design software, how they makes errors and using the learnt knowledge to perform root cause analysis on vulnerabilities. The student will develop a prototype tool for this analysis and complete a case study on a selected open source database.
Plano de Trabalhos - Semestre 1
T1. [M1] Learning software design cognition models and Human error theories
T2. [M2] Literature review, developing a vulnerability taxonomy, with typical examples for each category
T3. [M3] Root cause analysis, building a causal mechanism model for each on each category of vulnerability
T4. [M4] Write the Dissertation Plan
Plano de Trabalhos - Semestre 2
T5. [M1] Prototype Requirement analysis and Architecture design.
T6. [M2] Prototype implementation.
T7. [M3] Case Study.
T8. [M4] Write the thesis.
Condições
The work is to be executed at the laboratories of the CISUC’s Software and Systems Engineering Group. A work place will be provided as well as the required computational resources.
Observações
: The work is part of the contribution of “Human Errors in Software Engineering” Interdisciplinary Research Group of the University of Coimbra, which increases the impact and visibility of the work and its results.
Orientador
Fuqun Huang, Nuno Antunes
huangfuqun@dei.uc.pt 📩