Contextualisation of Data Flow Diagrams for security analysis
This addresses the problem of improving security analysis for system designers using DFDs, but it appears incremental as it builds on existing modeling approaches without a major breakthrough.
The paper tackled the difficulty of reasoning about security threats in data flow diagrams (DFDs) without compromising their simplicity by contextualizing them with usability and requirements models, and demonstrated in a pilot study that tainted data flows could be identified without augmenting the models.
Data flow diagrams (DFDs) are popular for sketching systems for subsequent threat modelling. Their limited semantics make reasoning about them difficult, but enriching them endangers their simplicity and subsequent ease of take up. We present an approach for reasoning about tainted data flows in design-level DFDs by putting them in context with other complementary usability and requirements models. We illustrate our approach using a pilot study, where tainted data flows were identified without any augmentations to either the DFD or its complementary models.