PDF:
A Tool for Managing Evolving Security Requirements
| Title | A Tool for Managing Evolving Security Requirements |
| Publication Type | Conference Paper |
| Year of Publication | 2011 |
| Authors | Bergmann, G., Massacci, F., Paci, F., Tun, T., Varró, D., and Yu, Y. |
| Editor | Nurcan, S. |
| Conference Name | CAiSE'11 Forum at the 23rd International Conference on Advanced Information Systems Engineering |
| Date Published | 06/2011 |
| Publisher | CEUR-WS |
| Conference Location | London, UK |
| Keywords | change impact analysis, secure i*, security argumentation, security patterns, security requirements engineering |
| Abstract | Requirements evolution management is a daunting process. Requirements change continuously making the traceability of requirements hard and the monitoring of requirements unreliable. Moreover, changing requirements might have an impact on the security properties a system design should satisfy: certain security properties that are satis ed before evolution might no longer be valid or new security properties need to be satis ed. This paper presents SeCMER, a tool for requirements evolution management developed in the context of the SecureChange project. The tool supports automatic detection of requirement changes and violation of security properties using change-driven transformations. The tool also supports argumentation analysis to check security properties are preserved by evolution and to identify new security properties that should be taken into account. |
| Notes | urn:nbn:de:0074-734-7 |
| URL | http://nbn-resolving.de/urn:nbn:de:0074-734-7 |
