FESR: A Framework for Eliciting Security Requirements Based on Integration of Common Criteria and Weakness Detection Formal Model

@article{Li2017FESRAF,
  title={FESR: A Framework for Eliciting Security Requirements Based on Integration of Common Criteria and Weakness Detection Formal Model},
  author={Hongbo Li and Xiaohong Li and Jianye Hao and Guangquan Xu and Zhiyong Feng and Xiaofei Xie},
  journal={2017 IEEE International Conference on Software Quality, Reliability and Security (QRS)},
  year={2017},
  pages={352-363}
}
It is critical and foremost to come up with the corresponding security requirements first which the following implementations are based on. However, previous security requirement elicitation work based on Common Criteria (CC) rarely addresses the detailed elicitation process of threats from specific functional requirements, which thus results in the widen gap between specific functional requirements and their corresponding threats. To this end, this paper proposes a framework for eliciting… CONTINUE READING