Comparing risk identification techniques for safety and security requirements

[1]  Ludovic Piètre-Cambacédès,et al.  Cross-fertilization between safety and security engineering , 2013, Reliab. Eng. Syst. Saf..

[2]  Bruce Schneier,et al.  DIGITAL SECURITY IN A NETWORKED WORLD , 2013 .

[3]  Péter Kárpáti,et al.  A Combined Process for Elicitation and Analysis of Safety and Security Requirements , 2012, BMMDS/EMMSAD.

[4]  Zhi Jin,et al.  Extending the Problem Frames Approach for Capturing Non-functional Requirements , 2012, 2012 IEEE/ACIS 11th International Conference on Computer and Information Science.

[5]  Andreas L. Opdahl,et al.  Supporting Failure Mode and Effect Analysis: A Case Study with Failure Sequence Diagrams , 2012, REFSQ.

[6]  Mohamed El-Attar,et al.  Towards developing consistent misuse case models , 2012, J. Syst. Softw..

[7]  David H. Johnson,et al.  Hazard Analysis and Risk Assessment in the Development of Biomedical Drug Formulation Equipment , 2011, Annals of Biomedical Engineering.

[8]  Søren Lauesen,et al.  Task descriptions versus use cases , 2011, Requirements Engineering.

[9]  Tor Stålhane,et al.  Enabling hazard identification from requirements and reuse-oriented HAZOP analysis , 2011, 2011 4th International Workshop on Managing Requirements Knowledge.

[10]  Christian Steger,et al.  Computer-Aided PHA, FTA and FMEA for Automotive Embedded Systems , 2011, SAFECOMP.

[11]  Yuji Yamaoka,et al.  Threat Tree Templates to Ease Difficulties in Threat Modeling , 2011, 2011 14th International Conference on Network-Based Information Systems.

[12]  Junbeom Yoo,et al.  A Domain-Specific Safety Analysis for Digital Nuclear Plant Protection Systems , 2011, 2011 Fifth International Conference on Secure Software Integration and Reliability Improvement - Companion.

[13]  Doaa Soliman,et al.  A methodology to upgrade legacy industrial systems to meet safety regulations , 2011, 2011 3rd International Workshop on Dependable Control of Discrete Systems.

[14]  Christian Steger,et al.  A Computer-Aided Approach to Preliminary Hazard Analysis for Automotive Embedded Systems , 2011, 2011 18th IEEE International Conference and Workshops on Engineering of Computer-Based Systems.

[15]  Gernot J. Riedel,et al.  Risk assessment using design review based on failure mode , 2011, 2011 Proceedings - Annual Reliability and Maintainability Symposium.

[16]  Derrick D. Black,et al.  Systems engineering and safety - A framework , 2011, IEEE Engineering Management Review.

[17]  Christoph Lauer,et al.  Fault tree synthesis from UML models for reliability analysis at early design stages , 2011, SOEN.

[18]  Haralambos Mouratidis,et al.  Secure Software Systems Engineering: The Secure Tropos Approach (Invited Paper) , 2011, J. Softw..

[19]  Zhang Shuguang,et al.  Safety Requirements Analysis for Control Law Development of UAV Flight Control Systems , 2011 .

[20]  Ludovic Piètre-Cambacédès,et al.  Safety and Security Interdependencies in Complex Systems and SoS: Challenges and Perspectives , 2011, CSDM.

[21]  Wouter Joosen,et al.  A privacy threat analysis framework: supporting the elicitation and fulfillment of privacy requirements , 2011, Requirements Engineering.

[22]  Ludovic Piètre-Cambacédès,et al.  Modeling safety and security interdependencies with BDMP (Boolean logic Driven Markov Processes) , 2010, 2010 IEEE International Conference on Systems, Man and Cybernetics.

[23]  Jérémie Guiochet,et al.  Experience with Model-Based User-Centered Risk Assessment for Service Robots , 2010, 2010 IEEE 12th International Symposium on High Assurance Systems Engineering.

[24]  Ketil Stølen,et al.  Model-Driven Risk Analysis - The CORAS Approach , 2010 .

[25]  Thomas Kuhn,et al.  Integration of Component Fault Trees into the UML , 2010, MoDELS.

[26]  Barbara Kordy,et al.  Foundations of Attack-Defense Trees , 2010, Formal Aspects in Security and Trust.

[27]  Stefan Schulz,et al.  Integrating System Modelling with Safety Activities , 2010, SAFECOMP.

[28]  Nancy R. Mead,et al.  Security Requirements Reusability and the SQUARE Methodology , 2010 .

[29]  Klaus D. Müller-Glaser,et al.  Failure mode and effect analysis based on electric and electronic architectures of vehicles to support the safety lifecycle ISO/DIS 26262 , 2010, Proceedings of 2010 21st IEEE International Symposium on Rapid System Protyping.

[30]  Holger Schmidt,et al.  Threat- and Risk-Analysis During Early Security Requirements Engineering , 2010, 2010 International Conference on Availability, Reliability and Security.

[31]  Vasilis Fthenakis,et al.  Hazard and operability (HAZOP) analysis. A literature review. , 2010, Journal of hazardous materials.

[32]  Andreas L. Opdahl,et al.  Towards a Hacker Attack Representation Method , 2010, ICSOFT.

[33]  Maritta Heisel,et al.  A comparison of security requirements engineering methods , 2010, Requirements Engineering.

[34]  Haralambos Mouratidis,et al.  Enhancing Secure Tropos to Effectively Deal with Security Requirements in the Development of Multiagent Systems , 2009, Safety and Security in Multiagent Systems.

[35]  Igor Nai Fovino,et al.  Integrating cyber attacks within fault trees , 2009, Reliab. Eng. Syst. Saf..

[36]  Supanee Arthasartsri,et al.  Validation and verification methodologies in A380 aircraft reliability program , 2009, 2009 8th International Conference on Reliability, Maintainability and Safety.

[37]  Alwyn Roshan Pais,et al.  Security-aware Software Development Life Cycle (SaSDLC) - Processes and tools , 2009, 2009 IFIP International Conference on Wireless and Optical Communications Networks.

[38]  Michael G. Hinchey,et al.  Integrating Formal Analysis and Design to Preserve Security Properties , 2009, 2009 42nd Hawaii International Conference on System Sciences.

[39]  Jeffrey P. Landry,et al.  A Risk Assessment Model for Voting Systems using Threat Trees and Monte Carlo Simulation , 2009, 2009 First International Workshop on Requirements Engineering for e-Voting Systems.

[40]  R. Yin,et al.  Case Study Research: Design and Methods (4th ed. , 2009 .

[41]  Dana Kelly,et al.  Common-cause failure analysis in event assessment , 2008 .

[42]  K. Schneider,et al.  Beyond Documents: Visualizing Informal Communication , 2008, 2008 Requirements Engineering Visualization.

[43]  Sten Bay Jørgensen,et al.  A Goal Based Methodology for HAZOP Analysis , 2008 .

[44]  Tor Stålhane,et al.  A Comparison of Two Approaches to Safety Analysis Based on Use Cases , 2007, ER.

[45]  Guttorm Sindre A Look at Misuse Cases for Safety Concerns , 2007, Situational Method Engineering.

[46]  Haralambos Mouratidis,et al.  Secure Tropos: a Security-Oriented Extension of the Tropos Methodology , 2007, Int. J. Softw. Eng. Knowl. Eng..

[47]  Michael Jackson,et al.  Problem frames and software engineering , 2005, Expert Syst. J. Knowl. Eng..

[48]  Neil A. M. Maiden,et al.  Integrating creativity into requirements processes: experiences with an air traffic management system , 2005, 13th IEEE International Conference on Requirements Engineering (RE'05).

[49]  Clifton A. Ericson,et al.  Hazard Analysis Techniques for System Safety , 2005 .

[50]  John A. Clark,et al.  Effective Security Requirements Analysis: HAZOP and Use Cases , 2004, ISC.

[51]  Axel van Lamsweerde,et al.  Elaborating security requirements by construction of intentional anti-models , 2004, Proceedings. 26th International Conference on Software Engineering.

[52]  Fausto Giunchiglia,et al.  Tropos: An Agent-Oriented Software Development Methodology , 2004, Autonomous Agents and Multi-Agent Systems.

[53]  Andreas L. Opdahl,et al.  Eliciting security requirements with misuse cases , 2004, Requirements Engineering.

[54]  Barbara Kitchenham,et al.  Procedures for Performing Systematic Reviews , 2004 .

[55]  Carl E. Landwehr,et al.  Basic concepts and taxonomy of dependable and secure computing , 2004, IEEE Transactions on Dependable and Secure Computing.

[56]  Donald Firesmith,et al.  Common Concepts Underlying Safety, Security, and Survivability Engineering , 2003 .

[57]  Bashar Nuseibeh,et al.  Introducing abuse frames for analysing security requirements , 2003, Proceedings. 11th IEEE International Requirements Engineering Conference, 2003..

[58]  Axel van Lamsweerde,et al.  Deriving operational software specifications from system goals , 2002, SIGSOFT '02/FSE-10.

[59]  Nathalie Louise Foster,et al.  The application of software and safety engineering techniques to security protocol development , 2002 .

[60]  Rune Winther,et al.  Security Assessments of Safety Critical Systems Using HAZOPs , 2001, SAFECOMP.

[61]  Tim Kelly,et al.  Deriving safety requirements using scenarios , 2001, Proceedings Fifth IEEE International Symposium on Requirements Engineering.

[62]  Axel van Lamsweerde,et al.  Handling Obstacles in Goal-Oriented Requirements Engineering , 2000, IEEE Trans. Software Eng..

[63]  Bashar Nuseibeh,et al.  Requirements engineering: a roadmap , 2000, ICSE '00.

[64]  Bruce Schneier,et al.  Secrets and Lies: Digital Security in a Networked World , 2000 .

[65]  Jonathan D. Moffett,et al.  The Integration of Safety and Security Requirements , 1999, SAFECOMP.

[66]  R. Bell,et al.  IEC 61508: functional safety of electrical/electronic/ programme electronic safety-related systems: overview , 1999 .

[67]  H. Schneider Failure mode and effect analysis : FMEA from theory to execution , 1996 .

[68]  Edward G. Amoroso,et al.  Fundamentals of computer security technology , 1994 .

[69]  Stephen Fickas,et al.  Goal-Directed Requirements Acquisition , 1993, Sci. Comput. Program..

[70]  D.R. Wallace,et al.  An analysis of selected software safety standards , 1992, IEEE Aerospace and Electronic Systems Magazine.

[71]  Kyo Chul Kang,et al.  Feature-Oriented Domain Analysis (FODA) Feasibility Study , 1990 .