Goal-Oriented Elaboration of Security Requirements

We suggest an approach to software development that integrates elaboration of security requirements at an early stage of the software life cycle. Reasoning about security in goal-oriented requirements engineering allows one to anticipate malicious behaviours of agents in the environment of the software-to-be and thereby systematically build more robust systems. We will elaborate attack patterns whose instantiation on a specific system will generate resolution strategies to avoid them, either by design strenghtening or by some alternative design. Cryptographic techniques will contribute to build secure systems that are resistant against hostile environment agents. The suggested approach is based on a formal specification methodology that has been validated on industrial projects. Acknowledgements I am grateful to my supervisor, Axel van Lamsweerde, for his helpful guidance in my work. I am grateful to Emmanuel Letier for his insightful advice and tips about the KAOS spirit. I am grateful to Christophe Ponsard for our discussions about the run-time aspects of security. I would like to thank Bashar Nuseibeh and the Requirements Engineering Group at Imperial College London for their warm welcome. During these five months I had the opportunity to taste what research is like. I also thank the Policy Group at Imperial College for their helpful experience about security management issues with the Ponder framework. I am grateful to everybody else who gave me support during my work.