How to Select a Security Requirements Method? A Comparative Study with Students and Practitioners

Most Secure Development Software Life Cycles (SSDLCs) start from security requirements. Security management standards do likewise. There are several methods from industry and academia to elicit and analyze security requirements, but few empirical evaluations investigate whether these methods are effective in identifying security requirements. Most of the papers published in the requirements engineering community report on method evaluations conducted by the same researchers who designed the methods. The goal of this paper is to investigate how successful academic security requirements methods are when applied by someone other than the method designer. The paper reports on a medium-scale qualitative study in which master's students in computer science and professionals applied academic security requirements engineering methods to analyze the security risks of a specific application scenario. The study has allowed the identification of the methods' strengths and limitations.
