SecTro: A CASE Tool for Modelling Security in Requirements Engineering using Secure Tropos

Secure Tropos is an extension of Tropos methodology, which considers security throughout the whole development process. The main concept of Secure Tropos is the security constraint that captures constraints regarding security. Similarly, the concepts of dependency, goal, task, resource, and capability were also extended with security in mind. In this paper we present the SecTro tool, a CASE tool that guides and supports the developers in the construction of the appropriate models of Secure Tropos.

[1]  Xavier Franch,et al.  J-PRiM: A Java Tool for a Process Reengineering i* Methodology , 2006, 14th IEEE International Requirements Engineering Conference (RE'06).

[2]  Haralambos Mouratidis,et al.  Secure Tropos: a Security-Oriented Extension of the Tropos Methodology , 2007, Int. J. Softw. Eng. Knowl. Eng..

[3]  Haralambos Mouratidis,et al.  Modelling security and trust with Secure Tropos , 2006 .

[4]  John Mylopoulos,et al.  Computer-aided Support for Secure Tropos , 2007, Automated Software Engineering.

[5]  John Mylopoulos,et al.  Goal-oriented requirements analysis and reasoning in the Tropos methodology , 2005, Eng. Appl. Artif. Intell..

[6]  Anna Perini,et al.  Tool-Supported Development with Tropos: The Conference Management System Case Study , 2007, AOSE.

[7]  Neil A. M. Maiden,et al.  REDEPEND-REACT: an architecture analysis tool , 2005, 13th IEEE International Conference on Requirements Engineering (RE'05).

[8]  G. Mussbacher,et al.  Assessing the Applicability of Use Case Maps for Business Process and Workflow Description , 2008, 2008 International MCETECH Conference on e-Technologies (mcetech 2008).

[9]  Haralambos Mouratidis,et al.  Integrating Security and Software Engineering: Future Vision and Challenges , 2008 .

[10]  Gerhard Lakemeyer,et al.  SNet: A Modeling and Simulation Environment for Agent Networks Based on i* and ConGolog , 2002, CAiSE.

[11]  Haralambos Mouratidis,et al.  Security Attack Testing (SAT) - testing the security of information systems at design time , 2007, Inf. Syst..