Abstract
Management of requirements evolution is a challenging process. Requirements change continuously making the traceability of requirements difficult and the monitoring of requirements unreliable. Moreover, changing requirements might have an impact on the security properties a system design should satisfy: certain security properties that are satisfied before evolution might no longer be valid or new security properties need to be satisfied after changes have been introduced. This paper presents SeCMER, a tool for requirements evolution management developed in the context of the SecureChange project. The tool supports automatic detection of requirement changes and violation of security properties using change-driven transformations. The tool also supports argumentation analysis to check security properties are preserved by evolution and to identify new security properties that should be taken into account.
Work partly supported by the project EU-FP7-ICT-FET-IP-SecureChange.
Chapter PDF
Similar content being viewed by others
Keywords
References
CASE Spec, http://www.analysttool.com/
Dimensions RM, http://www.serena.com/products/rm/index.html
IBM Rational DOORS, http://www-01.ibm.com/software/awdtools/doors/
IBM Requisite Pro, http://www-01.ibm.com/software/awdtools/reqpro/
IMKS Integrity (2009), http://www.mks.com/
EUROCONTROL ATM Strategy for the Years 2000+ Executive Summary (2003)
Bergmann, G., Horváth, Á., Ráth, I., Varró, D., Balogh, A., Balogh, Z., Ökrös, A.: Incremental Evaluation of Model Queries over EMF Models. In: Petriu, D.C., Rouquette, N., Haugen, Ø. (eds.) MODELS 2010. LNCS, vol. 6394, pp. 76–90. Springer, Heidelberg (2010)
Bergmann, G., et al.: Change-Driven Model Transformations. Change (in) the Rule to Rule the Change. Software and System Modeling (2011) (to appear)
Bergmann, G., et al.: D3.2 Methodology for Evolutionary Requirements, http://www.securechange.eu/sites/default/files/deliverables/D3.2-%20Methodology%20for%20Evolutionary%20Requirements_v3.pdf
Bergmann, G., et al.: D3.4 Proof of Concept Case Tool, http://www.securechange.eu/sites/default/files/deliverables/D3.4%20Proof-of-Concept%20CASE%20Tool%20for%20early%20requirements.pdf
Jackson, M.: Problem Frames: Analyzing and structuring software development problems. ACM Press, Addison Wesley (2001)
Massacci, F., Mylopoulos, J., Paci, F., Tun, T.T., Yu, Y.: An Extended Ontology for Security Requirements. In: Salinesi, C., Pastor, O. (eds.) CAiSE Workshops 2011. LNBIP, vol. 83, pp. 622–636. Springer, Heidelberg (2011)
Massacci, F., Mylopoulos, J., Zannone, N.: Computer-aided support for secure tropos. Automated Software Engg. 14, 341–364 (2007)
The Eclipse Project: Eclipse Modeling Framework, http://www.eclipse.org/emf
Tun, T.T., et al.: Model-based argument analysis for evolving security requirements. In: Proceedings of the 2010 Fourth International Conference on Secure Software Integration and Reliability Improvement, SSIRI 2010, pp. 88–97. IEEE Computer Society, Washington, DC (2010)
Yu, Y., Tun, T.T.: OpenPF - The Open Requirements Engineering Lab, http://computing-research.open.ac.uk/trac/openre
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bergmann, G., Massacci, F., Paci, F., Tun, T.T., Varró, D., Yu, Y. (2012). A Tool for Managing Evolving Security Requirements. In: Nurcan, S. (eds) IS Olympics: Information Systems in a Diverse World. CAiSE 2011. Lecture Notes in Business Information Processing, vol 107. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29749-6_8
Download citation
DOI: https://doi.org/10.1007/978-3-642-29749-6_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-29748-9
Online ISBN: 978-3-642-29749-6
eBook Packages: Computer ScienceComputer Science (R0)