Aus SDQ-Wiki
Zur Navigation springen Zur Suche springen
Datum 2022/06/29 11:30 – 2022/06/29 12:30
Ort Hybrid
Vortragende(r) Sophie Schulz
Forschungsgruppe MCSE
Titel A comparison of security requirements engineering methods
Autoren Benjamin Fabian, Seda Gürses, Maritta Heisel, Thomas Santen & Holger Schmidt
PDF https://link.springer.com/content/pdf/10.1007/s00766-009-0092-x.pdf
URL https://link.springer.com/article/10.1007/s00766-009-0092-x
BibTeX https://dblp.org/rec/journals/re/FabianGHSS10.html?view=bibtex
Abstract This paper presents a conceptual framework for security engineering, with a strong focus on security requirements elicitation and analysis. This conceptual framework establishes a clear-cut vocabulary and makes explicit the interrelations between the different concepts and notions used in security engineering. Further, we apply our conceptual framework to compare and evaluate current security requirements engineering approaches, such as the Common Criteria, Secure Tropos, SREP, MSRA, as well as methods based on UML and problem frames. We review these methods and assess them according to different criteria, such as the general approach and scope of the method, its validation, and quality assurance capabilities. Finally, we discuss how these methods are related to the conceptual framework and to one another.