In this research project, we aim to provide awareness for assumptions management in software engineering. Especially security-related assumptions play a significant role in software engineering. Implicit, inconsistent, or invalid assumptions about the system can have a high impact, especially on security. Even though there are several approaches for managing assumptions in security engineering, most of them are highly specific to their domain and phase in software development. For holistic assumption management, a general understanding of security-related assumptions and their relation to other artifacts is required.
Publications:
- poster & poster abstract published at ICSE 2024
- paper preprint
- replication package to be found on https://figshare.com/articles/dataset/Replication_Package_for_What_do_you_assume_-A_theory_on_security-related_assumptions/25061507)