An Architectural Foundation For Security Model Sharing And Reuse

Within the field of software security we have yet to find efficient ways on how to learn from past mistakes and integrate security as a natural part of software development. This situation can be improved by using an online repository, the SHIELDS SVRS, that facilitates fast and easy interchange of security artefacts between security experts, software developers and their assisting tools. Such security artefacts are embedded in or represented as security models containing the needed information to detect, remove and prevent vulnerabilities in software, independent of the applied development process. The purpose of this paper is to explain the main reference architecture description of the repository and the more general tool stereotypes that can communicate with it.