Tools
EvoAl
EvoAl is a tool suite that focuses on optimisation. EvoAl aims at making optimisation research accessible to applied researchers without plenty of programming skills. Furthermore, it focuses on easy extensibility and maintainability, allowing the research community to develop EvoAl further.
ArchSec
ArchSec automates Microsoft’s Threat Modeling process in two ways: First, it automatically extracts architectural views for component-based software systems. Second, it is capable of automatically identifying security flaws in architectural views.
CoDaPro
CoDaPro stands for component-based data processing and is a tool for data measurement, filtering, and preparation.
eNYPD
eNYPD is a static analysis for identifying entry points of applications. An entry point is any method that an external user or system can control directly. The information on entry points is necessary in many different security analyses, such as Threat Modeling, input validation analyses, or security metrics.
SeeAuthZ
SeeAuthZ is a configurable analysis tool for extracting the implemented authorization policy. Therefore, it extracts the authorization facts the program enforces while accessing a sensitive resource. This information can be used to re-document the authorization policy if the developers lost it or never wrote it down or compare the implemented authorization policy with the planned policy to identify divergences.