Tun, Thein Than; Yu, Yijun; Haley, C. and Nuseibeh, B.
Model-Based argument analysis for evolving security requirements.
In: Fourth International Conference on Secure Software Integration and Reliability Improvement, SSIRI 2010, 9-11 September 2010, Singapore, IEEE, pp. 88–97.
Full text available as:
Software systems are made to evolve in response to changes in their contexts and requirements. As the systems evolve, security concerns need to be analysed in order to evaluate the impact of changes on the systems. We propose to investigate such changes by applying a meta-model of evolving security requirements, which draws on requirements engineering approaches, security analysis, argumentation and software evolution. In this paper, we show how the meta-model can be instantiated using a formalism of temporal logic, called the Event Calculus. The main contribution is a model based approach to argument analysis, supported by a tool which generates templates for formal descriptions of the evolving system. We apply our approach to several examples from an Air Traffic Management case study.
Actions (login may be required)