Authors:
Roman Wirtz
and
Maritta Heisel
Affiliation:
University of Duisburg-Essen, Germany
Keyword(s):
Risk Management, Security, Risk Identification, Threats, Requirements Engineering.
Abstract:
Security is a key factor for providing high-quality software. In the last few years, a significant number of security incidents has been reported. Considering scenarios that may lead to such incidents right from the beginning of software development, i.e. during requirements engineering, reduces the likelihood of such incidents significantly. Furthermore, the early consideration of security reduces development effort since identified scenarios do not need to be fixed in later stages of the development lifecycle. Currently, the identification of possible incident scenarios requires high expertise from security engineers and is often performed in brainstorming sessions. Those sessions often lack a systematic process which can lead to overlooking relevant aspects. Our aim is to bring together security engineers and requirements engineers. In this paper, we propose a systematic, tool-based and model-based method to identify incident scenarios based on functional requirements by following
the principle of security-by-design. Our method consists of two parts: First, we enhance the initial requirements model with necessary domain knowledge, and second we systematically collect relevant scenarios and further refine them. For all steps, we provide validation conditions to detect errors as early as possible when carrying out the method. The final outcome of our method is a CORAS threat model that contains the identified scenarios in relation with the requirements model.
(More)