Security requirements engineering with STS-Tool

IRIS

WepresentthelatestversionofSTS-Tool,themodellingandanalysis support tool for STS-ml, an actor- and goal-oriented security requirements mod- elling language for socio-technical systems. We show how the STS-Tool supports requirements analysts and security designers in (i) modelling socio-technical sys- tems as a set of interacting actors, who have security needs over their interactions, and (ii) deriving security requirements for the system-to-be. The tool integrates a set of automated reasoning techniques that allow checking if a given STS-ml model is well-formed, verifying whether there are any conflicts among security requirements, and calculating the threat trace of events threatening actors’ assets. We first illustrate the modelling and reasoning activities supported by STS-ml, to then guide the design of a secure socio-technical system from the eGovernment domain through a series of exercises

Security requirements engineering with STS-Tool

Paja, Elda;Poggianella, Mauro;Dalpiaz, Fabiano;Roberti, Pierluigi;Giorgini, Paolo

2014-01-01

Abstract

WepresentthelatestversionofSTS-Tool,themodellingandanalysis support tool for STS-ml, an actor- and goal-oriented security requirements mod- elling language for socio-technical systems. We show how the STS-Tool supports requirements analysts and security designers in (i) modelling socio-technical sys- tems as a set of interacting actors, who have security needs over their interactions, and (ii) deriving security requirements for the system-to-be. The tool integrates a set of automated reasoning techniques that allow checking if a given STS-ml model is well-formed, verifying whether there are any conflicts among security requirements, and calculating the threat trace of events threatening actors’ assets. We first illustrate the modelling and reasoning activities supported by STS-ml, to then guide the design of a secure socio-technical system from the eGovernment domain through a series of exercises

Scheda breve

Scheda completa

Scheda completa (DC)

	Anno di pubblicazione (Date of publication)
	
				2014
			
	Titolo del libro (Book title)
	
				Secure and Trustworthy Service Composition The Aniketos Approach
			
	Luogo di edizione (Place of publication)
	
				germania
			
	Casa editrice (Publisher)
	
				Berlin: Springer-Verlag
			
	ISBN
	
				9783319135175
			
	Tutti gli autori
	
						Paja, Elda; Poggianella, Mauro; Dalpiaz, Fabiano; Roberti, Pierluigi; Giorgini, Paolo
					
	Appare nelle tipologie:
	
				02.1 Saggio su volume miscellaneo o Capitolo di libro (Essay or Book Chapter)

File in questo prodotto:

File	Dimensione	Formato
nessos-2014.pdf Solo gestori archivio Tipologia: Versione editoriale (Publisher’s layout) Licenza: Tutti i diritti riservati (All rights reserved) Dimensione 5.27 MB Formato Adobe PDF Visualizza/Apri	5.27 MB	Adobe PDF	Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/101731

Citazioni

ND

1

ND

ND

social impact