A Tool for Managing Evolving Security Requirements

CímA Tool for Managing Evolving Security Requirements
Közlemény típusaBook Chapter
Kiadás éve2012
SzerzőkBergmann, G., Massacci, F., Paci, F., Tun, T T., Varró, D., and Yu, Y.
SzerkesztőNurcan, S., Aalst, W., Mylopoulos, J., Rosemann, M., Shaw, M. J., and Szyperski, C.
KönyvcímIS Olympics: Information Systems in a Diverse World
SorozatcímLecture Notes in Business Information Processing
KiadóSpringer Berlin Heidelberg

Management of requirements evolution is a challenging process. Requirements change continuously making the traceability of requirements difficult and the monitoring of requirements unreliable. Moreover, changing requirements might have an impact on the security properties a system design should satisfy: certain security properties that are satisfied before evolution might no longer be valid or new security properties need to be satisfied after changes have been introduced. This paper presents SeCMER, a tool for requirements evolution management developed in the context of the SecureChange project. The tool supports automatic detection of requirement changes and violation of security properties using change-driven transformations. The tool also supports argumentation analysis to check security properties are preserved by evolution and to identify new security properties that should be taken into account.