Getting Grip on Security Requirements Elicitation by Structuring and Reusing Security Requirements Sources

Schmitt, Christian; Liggesmeyer, Peter

doi:10.7250/csimq.2015-3.02

Cited by 4 publications

(2 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Also, [34] finds out that most of the requirements reuse techniques are textual copy based and that there is a direct relationship between the requirements reuse and the adopted technology. Moreover, methods that extensively adopt requirements repositories such as [20,40,53] use them to construct requirement specification documents. The repository usability reduces at the design and implementation stage due to the manual linkages of the requirements.…”

Section: Related Workmentioning

confidence: 99%

Tracing security requirements in industrial control systems using graph databases

et al. 2022

View full text Add to dashboard Cite

We must explicitly capture relationships and hierarchies between the multitude of system and security standards requirements. Current security requirements specification methods do not capture such structure effectively, making requirements management and traceability harder, consequently increasing costs and time to market for developing certified ICS. We propose a novel requirements repository model for ICS that uses labelled property graphs to structure and store system-specific and standards-based requirements using well-defined relationship types. Furthermore, we integrate the proposed requirements repository with design-time ICS tools to establish requirements traceability. A wind turbine case study illustrates the overall workflow in our framework. We demonstrate that a robust requirements traceability matrix is a natural consequence of using labelled property graphs. We also introduce a compatible requirements change management procedure that aids in adapting to changes in development and certification schemes.

show abstract

Section: Related Workmentioning

confidence: 99%

Tracing security requirements in industrial control systems using graph databases

et al. 2022

View full text Add to dashboard Cite

show abstract

“…The model, e.g. has been used to develop the security requirements and the architectural specifications concurrently [16]. The study shows that the requirement elicitation and architectural design activities should not be performed sequentially in a single phase within the development life cycle.…”

Section: Related Studiesmentioning

confidence: 99%

A Method for Software Requirement Volatility Analysis Using QFD

Anang¹,

Takahashi²,

Watanabe³

2016

J. Complex Syst. Inform. Model. Q.

View full text Add to dashboard Cite

Changes of software requirements are inevitable during the development life cycle. Rather than avoiding the circumstance, it is easier to just accept it and find a way to anticipate those changes. This paper proposes a method to analyze the volatility of requirement by using the Quality Function Deployment (QFD) method and the introduced degree of volatility. Customer requirements are deployed to software functions and subsequently to architectural design elements. And then, after determining the potential for changes of the design elements, the degree of volatility of the software requirements is calculated. In this paper the method is described using a flow diagram and illustrated using a simple example, and is evaluated using a case study.

show abstract

Auditing Security of Information Flows

Kozlovs

Kirikova

2016

Lecture Notes in Business Information Processing

View full text Add to dashboard Cite

Getting Grip on Security Requirements Elicitation by Structuring and Reusing Security Requirements Sources

Cited by 4 publications

References 28 publications

Tracing security requirements in industrial control systems using graph databases

Tracing security requirements in industrial control systems using graph databases

A Method for Software Requirement Volatility Analysis Using QFD

Auditing Security of Information Flows

Contact Info

Product

Resources

About