This is microSecEnD, a dataset containing manually created, security-enriched Dataflow Diagrams (DFDs) of microservice applications written in Java. The DFDs correspond to actual implementation code of open-source applications found on GitHub. They are presented in multiple formats and contain full traceability of all model items to code, indicating the evidence for their implementation.
Additionally to the models themselves, we present a mapping to a list of 17 architectural security best-practices, i.e. a table indicating whether each rule is followed or not. For those that are not followed, we created model variants that do follow the rule. These variants were crafted purely on the model-level and the added items do not correspond to code anymore.
All artifacts were created manually by researchers of the Institute of Software Security at Hamburg University of Technology.
The dataset is accompanying a publication at the 20th International Conference on Mining Software Repository (MSR’23).
If you use microSecEnD in academic context, please cite it as:
@inproceedings{microSecEnD23,
author = {Schneider, Simon and \"Ozen, Tufan and Chen, Michael and Scandariato, Riccardo},
booktitle = {2023 IEEE/ACM 20th International Conference on Mining Software Repositories (MSR)},
title = ,
year = {2023},
pages = {125-129},
doi = {10.1109/MSR59073.2023.00030}
}
