My doctoral research focuses on advancing the role of security patterns in secure software engineering by developing a unified classification framework and a computational detection methodology to improve the design of secure software systems. While security patterns provide essential guidance for mitigating common vulnerabilities, their practical use has long been hampered by inconsistent taxonomies, fragmented documentation, and the lack of automated detection tools.
My PhD seeks to address these challenges through a systematic, research-backed approach that organizes, evaluates, and operationalizes security pattern knowledge for both researchers and practitioners.
Background and Motivation
Software security must begin at the architecture and design stages as modern systems grow increasingly complex such as distributed architectures, cloud-native environments, IoT devices, and continuous integration pipelines. Security patterns serve as reusable solutions that capture proven defensive strategies. However, the security pattern community has struggled with three persistent issues:
Lack of a universal classification scheme
Pattern catalogs differ significantly across authors and repositories, creating confusion for practitioners.
Highly manual and subjective pattern selection
Engineers must read and interpret dozens of pattern descriptions, leading to inconsistent outcomes.
No automated detection techniques to support developers
Despite 20+ years of research, no standardized computational method existed to identify security patterns in design artefacts.
These gaps weaken the practical adoption of security patterns in industry and limit their potential to strengthen system security from the earliest design stages.
Research Objectives
My doctoral project establishes a cohesive strategy to solve these issues:
A structured taxonomy that organizes security patterns according to:
Intent and purpose
Addressed the type of Threat
Architectural layer
Application context
Defensive mechanism
This framework removes inconsistencies identified in earlier studies and provides a single, comprehensive reference point for both research and industry practice.
The Security Pattern Detection Framework (SPDF) introduces a matrix-oriented representation of pattern features and compares them with system design matrices to identify relevant patterns.
My research develops a sequence of matrix-based detection techniques including Ordered Matrix Matching (OMM), Non-Distributed Matrix Matching (NDMM), and the advanced Diagonally Distributed Matrix Matching (DDMM) algorithm to identify security patterns efficiently within design artefacts. These methods improve both speed and accuracy, forming the computational core of my Security Pattern Detection Framework (SPDF). The DDMM algorithm developed as part of my 2022 research provides a computationally efficient diagonal search approach for pattern detection, suitable for large design spaces.
Methodology
The research integrates both qualitative and quantitative methods:
Systematic literature review of pattern repositories.
Feature extraction and normalization of security pattern attributes.
Development of a structured classification model.
Matrix-based pattern encoding techniques.
Algorithmic search (SPDF → OMM, NDMM, DDMM).
Computational evaluation and complexity analysis.
The combined approaches ensure rigour, reproducibility, and practical applicability.
Key Contributions
This thesis introduces a unified, lifecycle-driven approach to enhancing software security by integrating security pattern classification with automated detection. The major contributions are as follows:
A new Natural Classification of Security Patterns (NCSP) is developed by resolving inconsistencies across existing taxonomies and mapping security objectives, software weaknesses, and attack patterns directly to relevant security patterns. This classification is aligned with the Software Development Lifecycle (SDLC). The framework systematically organizes pattern adoption according to the natural progression of security violation reasoning:
Security Objectives → Software Weaknesses → Attack Patterns → Security Patterns
A comprehensive detection framework is designed to analyze UML class diagrams and source code to determine whether required security patterns are present, missing, or inconsistently implemented.
The SPD framework integrates:
Initial structural processing of design and code artefacts.
Matrix-based structural comparison.
Semantic analysis using a multi-level security dictionary and NLP techniques.
This combined approach increases detection precision, reduces false positives, and provides contextual meaning to structural matches.
Three novel structural matching techniques are introduced to detect security patterns with differing levels of completeness and distribution:
OMM (Ordered Matrix Matching): Exact submatrix matching for strict structural correspondence.
NDMM (Non-Uniform Distributed Matrix Matching): Flexible matching of partially distributed pattern structures across components.
DDMM (Diagonally Distributed Matrix Matching): Efficient diagonal traversal for scalable detection within large design matrices.
These algorithms represent a progression from strict detection to flexible and high-performance detection strategies.
The unified classification and the detection framework are combined into a single integrated model that continuously improves software quality. Detected weaknesses generate feedback into the SDLC, enabling iterative updates to requirements, design, and source code until the system achieves the desired level of security assurance.
Together, these contributions provide:
A structured, lifecycle-aware foundation for selecting appropriate security patterns.
An automated mechanism for verifying their correct use in real systems.
A scalable, practical approach that bridges human reasoning with computational analysis.
A unified methodology that supports both secure-by-design engineering and systematic security evaluation.
Software Engineering Research
My work addresses long-standing fragmentation in the security pattern literature and contributes a unified foundation for future research, including ML-based recommendation systems and secure-by-design modeling tools.
Industry
Organizations pursuing secure development frameworks (e.g., ISO 27001, NIST SSDF, DevSecOps) benefit from:
Repeatable security design processes
Automated identification of threat-specific patterns
Reduced dependency on security expertise
Lower cost of remediation by integrating security early
Teaching and Learning
The classification framework provides a clear and structured way to teach security patterns to students and practitioners.
Relation to My Publications
My PhD builds directly on a progression of peer-reviewed research published in IEEE conferences and Elsvier Journal. Together, these works form the empirical and theoretical backbone of my dissertation. The PhD brings together findings from five published papers, [1] - [5], to create the most comprehensive security pattern taxonomy and security pattern detection to date.
References