Threat Analysis in Goal-Oriented Security Requirements Modelling
Paja, Elda; Dalpiaz, Fabiano; Giorgini, Paolo
2014-01-01
Abstract
Socio-technical systems are an interplay of social (humans and organizations) and technical components interacting with one another to achieve their objectives. Security is a central issue in such complex systems, and it cannot be tackled only through technical mechanisms: the encryption of sensitive data while being transmitted does not assure that the receiver will not disclose them to unauthorized parties. Therefore, dealing with security in socio-technical systems requires an analysis: (i) from a social and organizational perspective, to elicit the objectives and security requirements of each component; (ii) from a procedural perspective, to define how the actors behave and interact with each other. But socio-technical systems need to adapt to changes of the external environment, making the need to deal with security a problem that has to be faced during all the systems' life cycle. We propose an iterative and incremental process to elicit security requirements and verify the socio-technical system's compliance with such requirements throughout the systems' life cycle.

File | Access | Type | License | Size | Format |
---|---|---|---|---|---|
ijsse-2014.pdf | Archive managers only | Publisher's layout | All rights reserved | 1.46 MB | Adobe PDF |
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.