Can I Check What I Designed? Mapping Security Design DSLs to Code Analyzers
Sven Peldszus, Frederik Reiche, Kevin Hermann, Sophie Corallo, Thorsten Berger, Robert Heinrich

TL;DR
This paper investigates the relationship between security design DSLs and code analyzers, highlighting the complexity and gaps in understanding security at different abstraction levels.
Contribution
It presents a comprehensive study of security DSLs and analyzers, introduces the SecLan model, and provides insights to bridge the gap between security design and implementation.
Findings
Few commonalities between design-level and implementation-level security.
Security checks often describe general weaknesses, complicating analysis.
Security experts find the complexity of relationships overwhelming.
Abstract
When assessing the potential impact of code-level vulnerabilities, e.g., those discovered by automated analyzers, it is essential to consider them in the context of the system's security design. However, this is a challenging task due to the abstraction gap between security design, often specified using security DSLs, and implementation. As we will show, even security experts lack a complete understanding of this relationship. Intrigued by this gap (and the general disconnect between secure design and secure implementation), we present a study of 66 design-level security DSLs and 559 security checks from 36 code-level analyzers. We identify what concepts are common to both and capture them in the SecLan model, which has been validated by 22 security experts. Based on this, we investigate the relationship between DSLs and analyzers quantitatively and explore it qualitatively together with 9…
