A conceptual model for a holistic predictive attack ability metric for secure service oriented architecture software

Abstract

Software based systems are ubiquitous in modern day operations. There has been an increase in software based system attacks; leading to the need to equip the project managers, software designers and software developers with a better predictive attackability model at the architectural design stage. Attackability is a concept proposed recently in research literature to measure the extent that a software system or service could be the target of a successful attack. A literature survey of existing technical models was carried out to identify gaps in them. Also, a literature survey on, human traits that lead to human beings and the software system they man being subject to social engineering attacks was undertaken. Then a conceptual model has been proposed to extend the existing technical model and incorporate a social attackability model to produce a holistic predictive attackability model.