The Open UniversitySkip to content
 

Security requirements engineering for evolving software systems: a survey

Nhlabatsi, Armstrong; Nuseibeh, Bashar and Yu, Yijun (2010). Security requirements engineering for evolving software systems: a survey. International Journal of Secure Software Engineering (IJSSE), 1(1) pp. 54–73.

Full text available as:
Full text not publicly available
Due to copyright restrictions, this file is not available for public download
URL: http://www.igi-global.com/Bookstore/Article.aspx?T...
DOI (Digital Object Identifier) Link: http://dx.doi.org/10.4018/jsse.2010102004
Google Scholar: Look up in Google Scholar

Abstract

Long-lived software systems often undergo evolution over an extended period of time. Evolution of these systems is inevitable as they need to continue to satisfy changing business needs, new regulations and standards, and the introduction of novel technologies. Such evolution may involve changes that add, remove, or modify features; or that migrate the system from one operating platform to another. These changes may result in requirements that were satisfied in a previous release of a system not being satisfied in its updated version. When evolutionary changes violate security requirements, a system may be left vulnerable to attacks. In this paper we review current approaches to security requirements engineering and conclude that they lack explicit support for managing the effects of software evolution. We then suggest that a cross fertilisation of the areas of software evolution and security engineering would address the problem of maintaining compliance to security requirements of software systems as they evolve. We conclude the paper with a research agenda that highlights research issues that may need to be addressed.

Item Type: Journal Article
Copyright Holders: 2010 IGI Global
ISSN: 1947-3036
Keywords: entailment relation; security requirements engineering; software evolution
Academic Unit/Department: Mathematics, Computing and Technology > Computing & Communications
Interdisciplinary Research Centre: Centre for Research in Computing (CRC)
Item ID: 20866
Depositing User: Yijun Yu
Date Deposited: 20 Apr 2010 10:55
Last Modified: 09 Jul 2014 21:56
URI: http://oro.open.ac.uk/id/eprint/20866
Share this page:

Actions (login may be required)

View Item
Report issue / request change

Policies | Disclaimer

© The Open University   + 44 (0)870 333 4340   general-enquiries@open.ac.uk