Towards the Extension of Secure Tropos Language to Support Software Product Lines Development

Daniel Mellado, Haralambos Mouratidis

2012

Abstract

The elicitation of security requirements for Software Product Lines (SPL) is a challenging task, mainly due to the varying security properties required in different products, for the diversity of market segments, and the constraint of simultaneously maintaining the cost-effective principle of the SPL paradigm. Goal-driven security requirements engineering approaches, such as Secure Tropos, have been proposed in the literature as a suitable paradigm for elicitation of security requirements and their analysis on both a social and a technical dimension. Nevertheless, on one hand, security requirements engineering methodologies are not appropriately tailored to the specific demands of SPL, while on the other hand specific proposals of SPL engineering have traditionally ignored security requirements. This paper presents work that fills this gap by proposing an extension to the Secure Tropos language to support SPL.

References

  1. A. Birk and G. Heller, Challenges for requirements engineering and management in software product line development. International Conference on Requirements Engineering (REFSQ 2007), 2007: p. 300-305.
  2. J. Bosh, Design & Use of Software Architectures. 2000: Pearson Education Limited.
  3. P. Bresciani, P. Giorgini, F. Giunchiglia, J. Mylopoulos, and A. Perini, Tropos: AgentOriented Software Development Methodology. 2004: Journal of Autonomous Agents and Multi-Agent System. p. 203-236.
  4. P. Clements and L. Northrop, Software Product Lines: Practices and Patterns. SEI Series in Software Engineering. 2002: Addison-Wesley.
  5. J. Kim, M. Kim, and S. Park, Goal and scenario bases domain requirements analysis environment, in The Journal of Systems and Software. 2005. p. 926 - 938.
  6. J.D. McGregor, Testing a Software Product Line, in Testing Techniques in Software Engineering, P. Borba, et al., Editors. 2010, Springer. p. 104-140.
  7. D. Mellado, C. Blanco, L.E. Sanchez, and E. Fernández-Medina, A Systematic Review of Security Requirements Engineering. Computers Standards & Interfaces 2010. 32: p. 153- 165.
  8. D. Mellado, E. Fernández-Medina, and M. Piattini, Security requirements engineering framework for software product lines. Information and Software Technology, 2010. 52: p. 1094-1117.
  9. H. Mouratidis, Secure Tropos: An Agent Oriented Software Engineering Methodology for the Development of Health and Social Care Information Systems. International Journal of Computer Science and Security, 2009. 3(3): p. 241-271.
  10. H. Mouratidis and J. Jürjens, From goal-driven security requirements engineering to secure design. International Journal of Intelligent Systems, 2010. 25(8): p. 813-840.
Download


Paper Citation


in Harvard Style

Mellado D. and Mouratidis H. (2012). Towards the Extension of Secure Tropos Language to Support Software Product Lines Development . In Proceedings of the 9th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2012) ISBN 978-989-8565-15-0, pages 69-76. DOI: 10.5220/0004094500690076


in Bibtex Style

@conference{wosis12,
author={Daniel Mellado and Haralambos Mouratidis},
title={Towards the Extension of Secure Tropos Language to Support Software Product Lines Development},
booktitle={Proceedings of the 9th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2012)},
year={2012},
pages={69-76},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004094500690076},
isbn={978-989-8565-15-0},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 9th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2012)
TI - Towards the Extension of Secure Tropos Language to Support Software Product Lines Development
SN - 978-989-8565-15-0
AU - Mellado D.
AU - Mouratidis H.
PY - 2012
SP - 69
EP - 76
DO - 10.5220/0004094500690076