Component-based software development (CBSD) offers many advantages, such as reduced product time to market, reduced complexity, and reduced cost. Despite these advantages, its wide-scale use in developing security-critical systems is currently hampered by a lack of suitable design techniques for efficiently managing the complete system's security concerns in the development process. The use of commercial off-the-shelf (COTS) components can introduce various security and reliability risks into the system. In this paper, we propose a methodology for efficient management of all the system security concerns involved in the design of component-based systems. Our methodology is based on formally representing the system security specifications and component capabilities. We identify the metrics for correlating the two and suggest extensions to a previously proposed software development process for the selection of suitable components and integration mechanisms. The proposed solution ensures due treatment of all the security concerns for the complete system in the acquisition efforts.

Meeting Name

29th Annual International Computer Software and Applications Conference (2005: Jul. 26-28, Edinburgh, Scotland)


Electrical and Computer Engineering

Second Department

Computer Science

Keywords and Phrases

Component Based System Design; Component-Based Software Development (CBSD); Formal Representation; Formal Specification; Object-Oriented Programming; Security Critical Systems; Security Management; Security of Data; Software Metrics; Software Reliability; System Reliability; System Security Specification; Reliability Risks; Computational Complexity; Computer Software; Reliability Theory; Systems Analysis

Document Type

Article - Conference proceedings

Document Version

Final Version

© 2005 Institute of Electrical and Electronics Engineers (IEEE), All rights reserved.

Publication Date

01 Jul 2005