Statler College of Engineering and Mineral Resources


Lane Department of Computer Science and Electrical Engineering

Committee Chair

Hany H Ammar


Enterprise, medium and small companies develop and maintain different types of large-scale software systems for public and financial institutes. A security failure in such systems could have a significant impact. It is therefore essential to analyze security risk in the system components early in the development process in order to prevent the occurrence of security failures.

The objective of this research is to develop a methodology for security risk assessment during the early software development phases to identify high security risk elements, thus enabling us to enhance security features in the early phases of the software lifecycle. This methodology can be integrated with other methodologies for assessing risk in software attributes such as performance, reliability, and maintainability in order to improve resource allocation decisions and the quality of software products.

We propose an architectural-level security assessment methodology to assess the security risk of software systems early in the software life cycle. It combines the probability of security failure and the severity associated with such failures to estimate the risk factors. This research first presents a methodology that uses UML specifications to estimate the probability of security failure for each component for a given scenario of a given use case. The research also proposes a new methodology to estimate the severity of security failure based on data sensitivity, access rights, and a reachability matrix. Together these methodologies define a security risk assessment model that enables us to identify high security risk elements. We illustrate this model using a scenario from an e-commerce case study.

Validation of security risk assessment is a challenging and relatively unexplored area. In this research, we conduct two validation studies of the proposed methodologies based on Microsoft Security Bulletins and two security design patterns.