Skip to Main Content
Design-level vulnerabilities are a main source of security risks in software. To improve the reliability of software design, this paper presents a modified threat-driven modeling framework, to determine which threats require mitigation and how to mitigate the threats. To specify the functions and threat mitigations of a security design as a whole, aspect-oriented Stochastic Petri nets are used as a formal amplified model. Moreover, this paper proposes an adapted augmented approach to define software security metrics based on vulnerabilities included in the software systems and their impacts on software quality. The Common Vulnerability Scoring System (CVSS), a vulnerability scoring system designed to provide a standardized method for rating software vulnerabilities, is used as the basis in the metric definition and calculations. Furthermore, a case study is detailed, which shows the essence and feasibility of using aspect-oriented stochastic Petri net models for threat modeling and that the proposed security metrics are consistent with common practice.