A vulnerability-centric requirements engineering framework: analyzing security attacks, countermeasures, and requirements based on vulnerabilities

Springer Science and Business Media LLC - Volume 15 - Pages 41-62 - 2009
Golnaz Elahi (1), Eric Yu (1), Nicola Zannone (1)
(1) University of Toronto, Toronto, Canada

Abstract

Many security breaches occur because of the exploitation of vulnerabilities within the system. Vulnerabilities are weaknesses in the requirements, design, and implementation that attackers exploit to compromise the system. This paper proposes a methodological framework for security requirements elicitation and analysis centered on vulnerabilities. The framework offers modeling and analysis facilities to assist system designers in analyzing vulnerabilities and their effects on the system; identifying potential attackers and analyzing their behavior in compromising the system; and identifying and analyzing the countermeasures that protect the system. The framework proposes a qualitative goal model evaluation analysis for assessing the risks of vulnerability exploitation and analyzing the impact of countermeasures on such risks.
