The SecReq approach: From security requirements to secure design while Managing Software Evolution

Publikation: Beitrag in Buch/Bericht/Sammelwerk/KonferenzbandAufsatz in KonferenzbandForschungPeer-Review

Autoren

Organisationseinheiten

Externe Organisationen

  • Technische Universität Dortmund
Forschungs-netzwerk anzeigen

Details

OriginalspracheEnglisch
Titel des SammelwerksSoftware Engineering 2014
Herausgeber/-innenWilhelm Hasselbring, Nils Christian Ehmke
Herausgeber (Verlag)Gesellschaft fur Informatik (GI)
Seiten89-90
Seitenumfang2
ISBN (elektronisch)9783885796213
PublikationsstatusVeröffentlicht - 2014
VeranstaltungSoftware Engineering 2014 - Kiel, Deutschland
Dauer: 25 Feb. 201428 Feb. 2014

Publikationsreihe

NameLecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI)
BandP227
ISSN (Print)1617-5468

Abstract

We present the security requirements & design approach SecReq developed in joint work over the last few years. As a core feature, this approach supports reusing security engineering experience gained during the development of security-critical software and feeding it back into the development process through the HeRA Heuristic Requirements Assistant. Based on this information a model-based security analysis of the software design can be performed using the UMLsec approach and its associated tool-platform CARiSMA. In recent work within the project DFG project SecVolution (SPP 1593 "Design For Future - Managed Software Evolution"), we have been extending the approach with techniques, tools, and processes that support security requirements and design analysis techniques for evolving information systems in order to ensure "lifelong" compliance to security requirements, heuristic tools and techniques that support elicitation of relevant changes in the environment.

ASJC Scopus Sachgebiete

Zitieren

The SecReq approach: From security requirements to secure design while Managing Software Evolution. / Jürjens, J.; Schneider, K.
Software Engineering 2014. Hrsg. / Wilhelm Hasselbring; Nils Christian Ehmke. Gesellschaft fur Informatik (GI), 2014. S. 89-90 (Lecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI); Band P227).

Publikation: Beitrag in Buch/Bericht/Sammelwerk/KonferenzbandAufsatz in KonferenzbandForschungPeer-Review

Jürjens, J & Schneider, K 2014, The SecReq approach: From security requirements to secure design while Managing Software Evolution. in W Hasselbring & NC Ehmke (Hrsg.), Software Engineering 2014. Lecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI), Bd. P227, Gesellschaft fur Informatik (GI), S. 89-90, Software Engineering 2014, Kiel, Deutschland, 25 Feb. 2014. <https://dl.gi.de/items/01206906-ae3d-4bc7-8b67-fcf6c19bd550>
Jürjens, J., & Schneider, K. (2014). The SecReq approach: From security requirements to secure design while Managing Software Evolution. In W. Hasselbring, & N. C. Ehmke (Hrsg.), Software Engineering 2014 (S. 89-90). (Lecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI); Band P227). Gesellschaft fur Informatik (GI). https://dl.gi.de/items/01206906-ae3d-4bc7-8b67-fcf6c19bd550
Jürjens J, Schneider K. The SecReq approach: From security requirements to secure design while Managing Software Evolution. in Hasselbring W, Ehmke NC, Hrsg., Software Engineering 2014. Gesellschaft fur Informatik (GI). 2014. S. 89-90. (Lecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI)).
Jürjens, J. ; Schneider, K. / The SecReq approach : From security requirements to secure design while Managing Software Evolution. Software Engineering 2014. Hrsg. / Wilhelm Hasselbring ; Nils Christian Ehmke. Gesellschaft fur Informatik (GI), 2014. S. 89-90 (Lecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI)).
Download
@inproceedings{45866562270d414e91de0e14e4e272ae,
title = "The SecReq approach: From security requirements to secure design while Managing Software Evolution",
abstract = "We present the security requirements & design approach SecReq developed in joint work over the last few years. As a core feature, this approach supports reusing security engineering experience gained during the development of security-critical software and feeding it back into the development process through the HeRA Heuristic Requirements Assistant. Based on this information a model-based security analysis of the software design can be performed using the UMLsec approach and its associated tool-platform CARiSMA. In recent work within the project DFG project SecVolution (SPP 1593 {"}Design For Future - Managed Software Evolution{"}), we have been extending the approach with techniques, tools, and processes that support security requirements and design analysis techniques for evolving information systems in order to ensure {"}lifelong{"} compliance to security requirements, heuristic tools and techniques that support elicitation of relevant changes in the environment.",
author = "J. J{\"u}rjens and K. Schneider",
year = "2014",
language = "English",
series = "Lecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI)",
publisher = "Gesellschaft fur Informatik (GI)",
pages = "89--90",
editor = "Wilhelm Hasselbring and Ehmke, {Nils Christian}",
booktitle = "Software Engineering 2014",
address = "Germany",
note = "Software Engineering 2014 ; Conference date: 25-02-2014 Through 28-02-2014",

}

Download

TY - GEN

T1 - The SecReq approach

T2 - Software Engineering 2014

AU - Jürjens, J.

AU - Schneider, K.

PY - 2014

Y1 - 2014

N2 - We present the security requirements & design approach SecReq developed in joint work over the last few years. As a core feature, this approach supports reusing security engineering experience gained during the development of security-critical software and feeding it back into the development process through the HeRA Heuristic Requirements Assistant. Based on this information a model-based security analysis of the software design can be performed using the UMLsec approach and its associated tool-platform CARiSMA. In recent work within the project DFG project SecVolution (SPP 1593 "Design For Future - Managed Software Evolution"), we have been extending the approach with techniques, tools, and processes that support security requirements and design analysis techniques for evolving information systems in order to ensure "lifelong" compliance to security requirements, heuristic tools and techniques that support elicitation of relevant changes in the environment.

AB - We present the security requirements & design approach SecReq developed in joint work over the last few years. As a core feature, this approach supports reusing security engineering experience gained during the development of security-critical software and feeding it back into the development process through the HeRA Heuristic Requirements Assistant. Based on this information a model-based security analysis of the software design can be performed using the UMLsec approach and its associated tool-platform CARiSMA. In recent work within the project DFG project SecVolution (SPP 1593 "Design For Future - Managed Software Evolution"), we have been extending the approach with techniques, tools, and processes that support security requirements and design analysis techniques for evolving information systems in order to ensure "lifelong" compliance to security requirements, heuristic tools and techniques that support elicitation of relevant changes in the environment.

UR - http://www.scopus.com/inward/record.url?scp=84907905953&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:84907905953

T3 - Lecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI)

SP - 89

EP - 90

BT - Software Engineering 2014

A2 - Hasselbring, Wilhelm

A2 - Ehmke, Nils Christian

PB - Gesellschaft fur Informatik (GI)

Y2 - 25 February 2014 through 28 February 2014

ER -

Von denselben Autoren

  1. What you see is what you trace: a two-stage interview study on traceability practices and eye tracking potential

    Publikation: Beitrag in FachzeitschriftArtikelForschungPeer-Review

  2. Paving the Way Towards an Effective Vision Video Usage: An Exploratory Study

    Publikation: Beitrag in Buch/Bericht/Sammelwerk/KonferenzbandAufsatz in KonferenzbandForschungPeer-Review

  3. Human factors in model-driven engineering: future research goals and initiatives for MDE

    Publikation: Beitrag in FachzeitschriftArtikelForschungPeer-Review

  4. How Explainable Is Your System? Towards a Quality Model for Explainability

    Publikation: Beitrag in Buch/Bericht/Sammelwerk/KonferenzbandBeitrag in Buch/SammelwerkForschungPeer-Review

  5. Turning asynchronicity into an opportunity: asynchronous communication for shared understanding with vision videos

    Publikation: Beitrag in FachzeitschriftArtikelForschungPeer-Review