We present the latest version of STS-Tool, the modelling and analysis support tool for STS-ml, an actor- and goal-oriented security requirements modelling language for socio-technical systems.We show how the STS-Tool supports requirements analysts and security designers in (i) modelling socio-technical systems as a set of interacting actors, who have security needs over their interactions, and (ii) deriving security requirements for the system-to-be. The tool integrates a set of automated reasoning techniques that allow checking if a given STS-ml model is well-formed, verifying whether there are any conflicts among security requirements, and calculating the threat trace of events threatening actors’ assets. We first illustrate the modelling and reasoning activities supported by STS-ml, to then guide the design of a secure socio-technical system from the eGovernment domain through a series of exercises.
|Titolo:||STS-Tool: Security Requirements Engineering for Socio-Technical Systems|
|Autori:||Paja, Elda; Dalpiaz, Fabiano; Giorgini, Paolo|
|Titolo del volume contenente il saggio:||Engineering Secure Future Internet Services and Systems - Current Research|
|Luogo di edizione:||Germania|
|Casa editrice:||Berlin: Springer-Verlag|
|Anno di pubblicazione:||2014|
|Appare nelle tipologie:||02.1 Saggio su volume miscellaneo o Capitolo di libro (Essay or Book Chapter)|