ECSA 2022
Mon 19 - Fri 23 September 2022 Prague, Czech Republic

With the increase of connected systems and the ongoing digitalization of various aspects of our life, the security demands for software increase. Software architects should design a secure and resistant system against cyber-attacks. One solution could be the identification and mitigation of attack paths during the development. However, attackers often combine different attack paths to compromise a system. For instance, they might use multiple vulnerabilities and combine these with exploiting access control policies. Current attack path calculation approaches, often only focus on the network topology and do not consider the more fine-grained information a software architecture can provide, such as the components or deployment. We developed an open-source Eclipse plugin, which can calculate an attack graph based on the software architecture. This tool could help software architects to identify potential critical attack paths.

Fri 23 Sep

Displayed time zone: Belgrade, Bratislava, Budapest, Ljubljana, Prague change

11:00 - 12:30
Architecture modeling, design and decision makingTools & Demos / Research Papers at S4
Chair(s): Henry Muccini University of L'Aquila, Italy, Luciano Baresi Politecnico di Milano
11:00
5m
Full-paper
From Informal Architecture Diagrams to Flexible Blended ModelsBest paper candidate
Research Papers
A: Robbert Jongeling Malardalen University, A: Federico Ciccozzi Malardalen University, A: Antonio Cicchetti Mälardalen University, A: Jan Carlson Malardalen University
11:05
5m
Short-paper
Debiasing Architectural Decision-Making: A Workshop-Based Training Approach
Research Papers
A: Klara Borowa Warsaw University of Technology, A: Maria Jarek , A: Gabriela Mystkowska , A: Weronika Paszko , A: Andrzej Zalewski
11:10
5m
Short-paper
Persistence Factories Architectural Design Pattern
Research Papers
A: Jorge Ortiz-Fuentes , A: Ángel Herranz Universidad Politécnica de Madrid
11:15
5m
Short-paper
Feature-based Investigation of Simulation Structure and Behaviour
Research Papers
A: Sandro Koch Karlsruhe Institute of Technology (KIT), A: Robert Heinrich Karlsruhe Institute of Technology (KIT), A: Ralf Reussner Karlsruhe Institute of Technology (KIT) and FZI - Research Center for Information Technology (FZI)
11:20
5m
Demonstration
Tool-based Attack Graph Estimation for Software Architectures
Tools & Demos
11:25
65m
Other
Discussion
Research Papers


Information for Participants
Fri 23 Sep 2022 11:00 - 12:30 at S4 - Architecture modeling, design and decision making Chair(s): Henry Muccini, Luciano Baresi
Info for session

Each paper is presented as a 5-minute pitch talk at the beginning. The rest of the session is a discussion.

Info for room S4:

After reaching the 3rd floor (either by elevator or the main staircase), turn right.