A tool for managing evolving security requirements

Gábor Bergmann, Fabio Massacci, Federica Paci, Thein Tun, Dániel Varró, Yijun Yu

Research output: Contribution to journalConference article

Abstract

Requirements evolution management is a daunting process. Requirements change continuously making the traceability of requirements hard and the monitoring of requirements unreliable. Moreover, changing requirements might have an impact on the security properties a system design should satisfy: certain security properties that are satisfied before evolution might no longer be valid or new security properties need to be satisfied. This paper presents SeCMER, a tool for requirements evolution management developed in the context of the SecureChange project. The tool supports automatic detection of requirement changes and violation of security properties using change-driven transformations. The tool also supports argumentation analysis to check security properties are preserved by evolution and to identify new security properties that should be taken into account.

Original languageEnglish
Pages (from-to)49-56
Number of pages8
JournalCEUR Workshop Proceedings
Volume734
Publication statusPublished - Dec 1 2011
EventCAiSE Forum 2011 - London, United Kingdom
Duration: Jun 22 2011Jun 24 2011

    Fingerprint

Keywords

  • Change impact analysis
  • Secure i*
  • Security argumentation
  • Security patterns
  • Security requirements engineering

ASJC Scopus subject areas

  • Computer Science(all)

Cite this

Bergmann, G., Massacci, F., Paci, F., Tun, T., Varró, D., & Yu, Y. (2011). A tool for managing evolving security requirements. CEUR Workshop Proceedings, 734, 49-56.