A tool for managing evolving security requirements

Bergmann, Gábor; Massacci, Fabio; Paci, Federica; Tun, Thein; Varró, Dániel and Yu, Yijun (2011). A tool for managing evolving security requirements. In: CAiSE Forum, 22-24 Jun 2011, London, pp. 49–56.

URL: http://ceur-ws.org/Vol-734/PaperDemo07.pdf

Abstract

Requirements evolution management is a daunting process. Requirements change continuously making the traceability of requirements hard and the monitoring of requirements unreliable. Moreover, changing requirements might have an impact on the security properties a system design should satisfy: certain security properties that are satisfied before evolution might no longer be valid or new security properties need to be satisfied. This paper presents SeCMER, a tool for requirements evolution management developed in the context of the SecureChange project. The tool supports automatic detection of requirement changes and violation of security properties using change-driven transformations. The tool also supports argumentation analysis to check security properties are preserved by evolution and to identify new security properties that should be taken into account.

Viewing alternatives

Download history

Item Actions

Export

About

Recommendations