Learn More
Security Requirements Engineering (SRE) deals with the specification of security requirements for the system-to-be starting with the analysis of security issues as soon as in the early requirements phase. STS-ml is an actor-and goal-oriented requirements modelling language for Socio-Technical Systems (STSs), which represents the security needs the(More)
Requirements are inherently prone to conflicts, for they originate from stakeholders with different, often opposite, needs. Security requirements are no exception. Importantly, their violation leads to severe effects, including privacy infringement, legal sanctions, and exposure to security attacks. Today's systems are Socio-Technical Systems (STSs): they(More)
Security Requirements Engineering (SRE) is concerned with the elicitation of security needs and the specification of security requirements of the system-to-be. Current approaches to SRE either express stakeholders' needs via high-level organisational abstractions that are hard to map to system design, or specify only technical security requirements. In this(More)
In this paper, we present STS-Tool, the modelling and analysis support tool for STS-ml, an actor-and goal-oriented security requirements modelling language for Socio-Technical Systems (STSs). STS-Tool allows designers to model a socio-technical system at a high-level of abstraction, while expressing constraints (security needs) over the interactions between(More)
Developing a security modeling language is a complex activity. Particularly, it becomes very challenging for Security Requirements Engineering (SRE) languages where social/organizational concepts are used to represent high-level business aspects, while security aspects are typically expressed in a technical jargon at a lower level of abstraction. In order(More)
Modern software systems operate within the context of larger socio-technical systems , wherein they interact—by exchanging data and outsourcing tasks—with other technical components, humans, and organisations. When interacting, these components (actors) operate autonomously; as such, they may disclose confidential information without being authorised, wreck(More)
Traditional approaches to business process modelling deal with security only after the business process has been defined, namely without considering security needs as input for the definition. This may require very costly corrections if new security issues are discovered. Moreover , security concerns are mainly considered at the system level without(More)
—Security Requirements Engineering (SRE) deals with the elicitation and analysis of security needs to specify security requirements for the system-to-be. In previous work, we have presented STS-ml, a security requirements modelling language for Socio-Technical Systems (STSs) that elicits security needs, using a goal-oriented approach, and derives the(More)
Current approaches in sociotechnical systems consider trust to be either cognitive—referring to actors' mental models of each other—or technical— referring to an actor's trust of a technical artifact. In this paper, we take a more expansive view of trust: in addition to the cognitive, we also consider trust in the architectural sense. Broadly, architectural(More)