microSecEnD: A Dataset of Security-Enriched Dataflow Diagrams for Microservice Applications (MSR 2023 - Data and Tool Showcase Track)

Who

Simon Schneider, Tufan Özen, Michael Chen, Riccardo Scandariato

Track

MSR 2023 Data and Tool Showcase Track

Time Zone

The program is currently displayed in (GMT+11:00) Hobart.

Use conference time zone: (GMT+11:00) HobartSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Save

When

Mon 15 May 2023 12:08 - 12:14 at Meeting Room 110 - Software Evolution & Analysis Chair(s): Michael Schlichtig

Abstract

Dataflow diagrams (DFDs) are useful resources in securing applications since they show a software system’s architecture and allow assessing architectural security and weaknesses. Enriching them with annotations about implemented security features further strengthens this ability. This is especially true for microservice applications, as their most pressing security concerns stem from their separation into multiple services. Researchers need data to work on these issues and enhance microservices’ architectural security. In this work, we present microSecEnD, a dataset of 17 manually created DFDs that are extensively annotated with information on implemented security features. We provide traceability for all model items. Further, a mapping to a list of 17 architectural security best-practices is provided. Finally, for each best-practice that an application violates, we present a model variant that does adhere to it.

Simon Schneider

Hamburg University of Technology

Tufan Özen

Hamburg University of Technology

Michael Chen

Hamburg University of Technology

Germany

Riccardo Scandariato

Hamburg University of Technology

Time Zone

The program is currently displayed in (GMT+11:00) Hobart.

Use conference time zone: (GMT+11:00) HobartSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

Display full programSpecify a time band

Save

Session Program

Mon 15 May
Displayed time zone: Hobart change

11:50 - 12:35	Software Evolution & AnalysisData and Tool Showcase Track / Technical Papers at Meeting Room 110 Chair(s): Michael Schlichtig

11:50 6m Talk		TypeScript's Evolution: An Analysis of Feature Adoption Over Time Technical Papers Joshua D. Scarsbrook The University of Queensland, Mark Utting The University of Queensland, Ryan K. L. Ko The University of Queensland Pre-print
11:56 6m Talk		DGMF: Fast Generation of Comparable, Updatable Dependency Graphs for Software Repositories Data and Tool Showcase Track Tobias Litzenberger TU Dortmund University, Johannes Düsing TU Dortmund University, Ben Hermann TU Dortmund
12:02 6m Talk		Enabling Analysis and Reasoning on Software Systems through Knowledge Graph Representation Data and Tool Showcase Track Satrio Adi Rukmono , Michel Chaudron Eindhoven University of Technology, The Netherlands
12:08 6m Talk		microSecEnD: A Dataset of Security-Enriched Dataflow Diagrams for Microservice Applications Data and Tool Showcase Track Simon Schneider Hamburg University of Technology, Tufan Özen Hamburg University of Technology, Michael Chen Hamburg University of Technology, Riccardo Scandariato Hamburg University of Technology
12:14 12m Talk		Wasmizer: Curating WebAssembly-driven Projects on GitHub Technical Papers Alexander Nicholson University of Auckland, Quentin Stiévenart Vrije Universiteit Brussel, Arash Mazidi TU Clausthal, Mohammad Ghafari TU Clausthal
12:26 6m Talk		Feature Toggle Usage Patterns : A Case Study on Google Chromium Technical Papers Md Tajmilur Rahman Gannon University