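% Workshop paper: threat-coverage metrics attached to security patterns and
% aggregated into an overall security indicator for a software architecture.
% The url field was stored with backslashes in place of forward slashes, which
% LaTeX reads as control sequences; it is normalised to forward slashes here.
% NOTE(review): plain-http link to an author-hosted PDF -- confirm it still
% resolves, and prefer a DOI or publisher copy if one exists.
@inproceedings{YAUT-08-NordSec,
  author    = {Yautsiukhin, Artsiom and Scandariato, Riccardo and Heyman, Thomas and Massacci, Fabio and Joosen, Wouter},
  title     = {Towards a quantitative assessment of security in software architectures},
  booktitle = {Proceedings of the 13th {Nordic} Workshop on Secure {IT} Systems},
  year      = {2008},
  abstract  = {Software patterns are key building blocks used to construct the architecture of a software system. Patterns also have an important role during the architecture assessment phase, as they represent the design rationale, which is central to evaluation. This work presents a quantitative approach to assess the security of a pattern-based software architecture. In particular, security patterns are used to measure to what extent an architecture is protected against relevant security threats. To this aim, threat coverage metrics are associated to security patterns and an aggregation algorithm is proposed to compute an overall security indicator. The proposed approach helps in comparing design alternatives and choosing the best candidate.},
  url       = {http://www.dit.unitn.it/~evtiukhi/Resources/YAUT-08-NordSec.pdf},
}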