论文信息 - Specifying and Reasoning over Socio-Technical Security Requirements with STS-Tool

Specifying and Reasoning over Socio-Technical Security Requirements with STS-Tool

We present the latest version of STS-Tool, the modelling and analysis support tool for STS-ml, an actor- and goal-oriented security requirements modelling language for socio-technical systems. STS-Tool allows designers to model a socio-technical system in terms of high-level primitives such as actor, goal, and delegation; to express security constraints over the interactions between the actors; and to derive security requirements once the modelling is done. The tool features a set of automated reasoning techniques for i checking if a given STS-ml model is well-formed, and ii determining if the specification of security requirements is consistent, that is, there are no conflicts among security requirements. These techniques have been implemented using disjuntive datalog programs. We have evaluated our tool through various industrial case studies.

[1] Munindar P. Singh. An ontology for commitments in multiagent systems: , 1999, Artificial Intelligence and Law.

[2] Paolo Giorgini,et al. Managing Security Requirements Conflicts in Socio-Technical Systems , 2013, ER.

[3] Paolo Giorgini,et al. Security requirements engineering via commitments , 2011, 2011 1st Workshop on Socio-Technical Aspects in Security and Trust (STAST).

[4] Pierluigi Roberti,et al. STS-Tool: Using Commitments to Specify Socio-Technical Security Requirements , 2012, ER Workshops.

[5] John Mylopoulos,et al. Adaptive socio-technical systems: a requirements-based approach , 2011, Requirements Engineering.

[6] Manfred Tscheligi,et al. Formative User-Centered Evaluation of Security Modeling: Results from a Case Study , 2012, Int. J. Secur. Softw. Eng..

[7] Munindar P. Singh. An ontology for commitments in multiagent systems: , 1999, Artificial Intelligence and Law.