Threat Analysis in Goal-Oriented Security Requirements Modelling

Authors

  • Per Håkon Meland
  • Elda Paja
  • Erlend Andreas Gjære
  • Stéphane Paul
  • Fabiano Dalpiaz
  • Paolo Giorgini
Abstract

Goal and threat modelling are important activities of security requirements engineering: goals express why a system is needed, while threats motivate the need for security. Unfortunately, existing approaches mostly consider goals and threats separately, and thus neglect the mutual influence between them. In this paper, we address this deficiency by proposing an approach that extends goal modelling with threat modelling and analysis. We show that this effort is not trivial and a trade-off between visual expressiveness, usability and usefulness has to be considered. Specifically, we integrate threat modelling with the socio-technical security modelling language (STS-ml), introduce automated analysis techniques that propagate threats in the combined models, and present tool support that enables reuse of threats facilitated by a threat repository. We illustrate our approach on a case study from the Air Traffic Management (ATM) domain, from which we extract some practical challenges. We conclude that threats provide a useful foundation and justification for the security requirements that we derive from goal modelling, but this should not be considered as a replacement to risk assessment. The usage of goals and threats early in the development process allows raising awareness of high-level security issues that occur regardless of the chosen technology and organizational processes.


Similar resources

STS-Tool: Security Requirements Engineering for Socio-Technical Systems

We present the latest version of STS-Tool, the modelling and analysis support tool for STS-ml, an actor- and goal-oriented security requirements modelling language for socio-technical systems. We show how the STS-Tool supports requirements analysts and security designers in (i) modelling socio-technical systems as a set of interacting actors, who have security needs over their interactions, and (...


Goal-oriented Analysis of Regulations

This paper explains how goal-oriented requirements engineering can be transposed into regulation modelling. It motivates also why this way of modelling regulations is worthwhile for people responsible for preparing regulations. In addition, the paper recounts how the approach has been applied to model ICAO Security Regulation for Civil Aviation in the context of the


A CASE Tool to Support Automated Modelling and Analysis of Security Requirements, Based on Secure Tropos

Secure Tropos, an extension of the Tropos methodology, considers security requirements alongside functional requirements, from the early stages of the system development process. The Secure Tropos language uses security concepts such as security constraint, secure goal, secure plan, secure resource, and threat to capture the security concepts from both social and organisational settings. These ...


Security Requirements Engineering with STS-Tool

In this chapter, we present STS-Tool, the modelling and analysis support tool for STS-ml, an actor- and goal-oriented security requirements modelling language for socio-technical systems. STS-Tool is a standalone application written in Java and based on the Eclipse RCP Framework. It supports modelling a socio-technical system in terms of high-level primitives such as actor, goal delegation, and d...


STS-Tool: Using Commitments to Specify Socio-Technical Security Requirements

In this paper, we present STS-Tool, the modelling and analysis support tool for STS-ml, an actor- and goal-oriented security requirements modelling language for Socio-Technical Systems (STSs). STS-Tool allows designers to model a socio-technical system at a high-level of abstraction, while expressing constraints (security needs) over the interactions between the actors in the STS, and derive secu...


Journal title:
  • IJSSE

Volume 5  Issue 

Pages  -

Publication date 2014