A Tool for Managing Evolving Security Requirements

CímA Tool for Managing Evolving Security Requirements
Közlemény típusaConference Paper
Kiadás éve2011
SzerzőkBergmann, G., Massacci, F., Paci, F., Tun, T., Varró, D., and Yu, Y.
SzerkesztőNurcan, S.
Konferencia neveCAiSE'11 Forum at the 23rd International Conference on Advanced Information Systems Engineering
Kiadás dátuma06/2011
Konferencia helyszíneLondon, UK
Kulcsszavakchange impact analysis, secure i*, security argumentation, security patterns, security requirements engineering

Requirements evolution management is a daunting process. Requirements change continuously making the traceability of requirements hard and the monitoring of requirements unreliable. Moreover, changing requirements might have an impact on the security properties a system design should satisfy: certain security properties that are satised before evolution might no longer be valid or new security properties need to be satised. This paper presents SeCMER, a tool for requirements evolution management developed in the context of the SecureChange project. The tool supports automatic detection of requirement changes and violation of security properties using change-driven transformations. The tool also supports argumentation analysis to check security properties are preserved by evolution and to identify new security properties that should be taken into account.