Arguing Security - Creating Security Assurance Cases
July 2013 • White Paper
Charles B. Weinstock, Howard F. Lipson, John B. Goodenough
In this paper, the authors explain an approach to documenting an assurance case for system security.
An assurance case is a body of evidence organized into an argument demonstrating that some claim about a system holds, i.e., is assured. An assurance case is needed when it is important to show that a system exhibits some complex property such as safety, security, or reliability. In this article, our objective is to explain an approach to documenting an assurance case for system security, i.e., a security assurance case or, more succinctly, a security case.