This paper presents a security engineering process for the development of secure systems focusing on the specification and development of the Set-top Boxes. The paper describes the Set-top Box characteristics and functionalities and, using the process and its secure artefacts, models what we call a Domain Security Metamodel that defines all the security properties of that domain and implements them using Security Building Blocks. This security artefact can be used by system engineers when modelling their system model in order to fulfil its security requirements and, as a result, create a secure system that has security naturally integrated in its architecture and functionality.
展开▼
