Effectiveness and performance analysis of model-oriented security requirements engineering to elicit security requirements: a systematic solution for developing secure software systems

2015 ◽  
Vol 15 (3) ◽  
pp. 319-334 ◽  
Author(s):  
P. Salini ◽  
S. Kanmani
Keyword(s):  
Performance Analysis ◽  
Requirements Engineering ◽  
Security Requirements ◽  
Software Systems ◽  
Security Requirements Engineering ◽  
Secure Software ◽  
Systematic Solution ◽  
And Performance

Identifying Security Requirements Using the Security Quality Requirements Engineering (SQUARE) Method

2007 ◽  
pp. 43-69 ◽  
Author(s):  
N. R. Mead
Keyword(s):  
Requirements Engineering ◽  
Systematic Approach ◽  
Promising Method ◽  
Security Requirements ◽  
Software Systems ◽  
Quality Requirements ◽  
Student Teams ◽  
Security Requirements Engineering ◽  
Engineering Institute

In this chapter, we describe general issues in developing security requirements, meth-ods that have been useful, and a method (SQUARE) that can be used for eliciting, analyzing, and documenting security requirements for software systems. SQUARE, which was developed by the CERT Program at Carnegie Mellon University’s Soft-ware Engineering Institute, provides a systematic approach to security requirements engineering. SQUARE has been used on a number of client projects by Carnegie Mellon student teams, prototype tools have been developed, and research is ongoing to improve this promising method.

Identifying Security Requirements Using the Security Quality Requirements Engineering (SQUARE) Method

2008 ◽  
pp. 943-963
Author(s):  
N. R. Mead
Keyword(s):  
Requirements Engineering ◽  
Systematic Approach ◽  
Promising Method ◽  
Security Requirements ◽  
Software Systems ◽  
Quality Requirements ◽  
Student Teams ◽  
Security Requirements Engineering ◽  
Engineering Institute

In this chapter, we describe general issues in developing security requirements, methods that have been useful, and a method (SQUARE) that can be used for eliciting, analyzing, and documenting security requirements for software systems. SQUARE, which was developed by the CERT Program at Carnegie Mellon University’s Soft-ware Engineering Institute, provides a systematic approach to security requirements engineering. SQUARE has been used on a number of client projects by Carnegie Mellon student teams, prototype tools have been developed, and research is ongoing to improve this promising method.

Security Requirements Engineering for Evolving Software Systems

2010 ◽  
Vol 1 (1) ◽  
pp. 54-73 ◽  
Author(s):  
Armstrong Nhlabatsi ◽  
Bashar Nuseibeh ◽  
Yijun Yu
Keyword(s):  
Requirements Engineering ◽  
Software Evolution ◽  
Extended Period ◽  
Security Requirements ◽  
Software Systems ◽  
Novel Technologies ◽  
Security Requirements Engineering ◽  
Evolutionary Changes ◽  
Cross Fertilization ◽  
Review Current

Long-lived software systems often undergo evolution over an extended period. Evolution of these systems is inevitable as they need to continue to satisfy changing business needs, new regulations and standards, and introduction of novel technologies. Such evolution may involve changes that add, remove, or modify features; or that migrate the system from one operating platform to another. These changes may result in requirements that were satisfied in a previous release of a system not being satisfied in subsequent versions. When evolutionary changes violate security requirements, a system may be left vulnerable to attacks. In this article we review current approaches to security requirements engineering and conclude that they lack explicit support for managing the effects of software evolution. We then suggest that a cross fertilization of the areas of software evolution and security engineering would address the problem of maintaining compliance to security requirements of software systems as they evolve.

Security Requirements Engineering for Evolving Software Systems

2012 ◽  
pp. 108-128 ◽  
Author(s):  
Armstrong Nhlabatsi ◽  
Bashar Nuseibeh ◽  
Yijun Yu
Keyword(s):  
Requirements Engineering ◽  
Software Evolution ◽  
Extended Period ◽  
Security Requirements ◽  
Software Systems ◽  
Security Engineering ◽  
Novel Technologies ◽  
Security Requirements Engineering ◽  
Evolutionary Changes ◽  
Review Current

Long-lived software systems often undergo evolution over an extended period. Evolution of these systems is inevitable as they need to continue to satisfy changing business needs, new regulations and standards, and introduction of novel technologies. Such evolution may involve changes that add, remove, or modify features; or that migrate the system from one operating platform to another. These changes may result in requirements that were satisfied in a previous release of a system not being satisfied in subsequent versions. When evolutionary changes violate security requirements, a system may be left vulnerable to attacks. In this paper we review current approaches to security requirements engineering and conclude that they lack explicit support for managing the effects of software evolution. We then suggest that a cross fertilisation of the areas of software evolution and security engineering would address the problem of maintaining compliance to security requirements of software systems as they evolve.

Sign in / Sign up

Export Citation Format

Share Document