A tool for managing evolving security requirements

Gábor Bergmann, Fabio Massacci, Federica Paci, Thein Than Tun, Dániel Varró, Yijun Yu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

Management of requirements evolution is a challenging process. Requirements change continuously making the traceability of requirements difficult and the monitoring of requirements unreliable. Moreover, changing requirements might have an impact on the security properties a system design should satisfy: certain security properties that are satisfied before evolution might no longer be valid or new security properties need to be satisfied after changes have been introduced. This paper presents SeCMER, a tool for requirements evolution management developed in the context of the SecureChange project. The tool supports automatic detection of requirement changes and violation of security properties using change-driven transformations. The tool also supports argumentation analysis to check security properties are preserved by evolution and to identify new security properties that should be taken into account.

Original languageEnglish
Title of host publicationIS Olympics
Subtitle of host publicationInformation Systems in a Diverse World - CAiSE Forum 2011, Selected Extended Papers
PublisherSpringer Verlag
Pages110-125
Number of pages16
ISBN (Print)9783642297489
DOIs
Publication statusPublished - Jan 1 2012
EventCAiSE Forum 2011 on IS Olympics: Information Systems in a Diverse World - London, United Kingdom
Duration: Jun 20 2011Jun 24 2011

Publication series

NameLecture Notes in Business Information Processing
Volume107 LNBIP
ISSN (Print)1865-1348

Other

OtherCAiSE Forum 2011 on IS Olympics: Information Systems in a Diverse World
CountryUnited Kingdom
CityLondon
Period6/20/116/24/11

Keywords

  • change impact analysis
  • secure i
  • security argumentation
  • security patterns
  • security requirements engineering

ASJC Scopus subject areas

  • Management Information Systems
  • Control and Systems Engineering
  • Business and International Management
  • Information Systems
  • Modelling and Simulation
  • Information Systems and Management

Fingerprint Dive into the research topics of 'A tool for managing evolving security requirements'. Together they form a unique fingerprint.

  • Cite this

    Bergmann, G., Massacci, F., Paci, F., Tun, T. T., Varró, D., & Yu, Y. (2012). A tool for managing evolving security requirements. In IS Olympics: Information Systems in a Diverse World - CAiSE Forum 2011, Selected Extended Papers (pp. 110-125). (Lecture Notes in Business Information Processing; Vol. 107 LNBIP). Springer Verlag. https://doi.org/10.1007/978-3-642-29749-6_8