Goal-directed requirements acquisition
6IWSSD Selected Papers of the Sixth International Workshop on Software Specification and Design
Fundamentals of computer security technology
Fundamentals of computer security technology
Requirements engineering: a roadmap
Proceedings of the Conference on The Future of Software Engineering
Handling Obstacles in Goal-Oriented Requirements Engineering
IEEE Transactions on Software Engineering - special section on current trends in exception handling—part II
The Integration of Safety and Security Requirements
SAFECOMP '99 Proceedings of the 18th International Conference on Computer Computer Safety, Reliability and Security
Security Assessments of Safety Critical Systems Using HAZOPs
SAFECOMP '01 Proceedings of the 20th International Conference on Computer Safety, Reliability and Security
Deriving Safety Requirements Using Scenarios
RE '01 Proceedings of the Fifth IEEE International Symposium on Requirements Engineering
Introducing Abuse Frames for Analysing Security Requirements
RE '03 Proceedings of the 11th IEEE International Conference on Requirements Engineering
Tropos: An Agent-Oriented Software Development Methodology
Autonomous Agents and Multi-Agent Systems
Elaborating Security Requirements by Construction of Intentional Anti-Models
Proceedings of the 26th International Conference on Software Engineering
Basic Concepts and Taxonomy of Dependable and Secure Computing
IEEE Transactions on Dependable and Secure Computing
Eliciting security requirements with misuse cases
Requirements Engineering
RE '05 Proceedings of the 13th IEEE International Conference on Requirements Engineering
Integrating Formal Analysis and Design to Preserve Security Properties
HICSS '09 Proceedings of the 42nd Hawaii International Conference on System Sciences
Beyond Documents: Visualizing Informal Communication
REV '08 Proceedings of the 2008 Requirements Engineering Visualization
Software & Systems Requirements Engineering: In Practice
Software & Systems Requirements Engineering: In Practice
Problem frames and software engineering
Information and Software Technology
A comparison of security requirements engineering methods
Requirements Engineering - Special Issue on RE'09: Security Requirements Engineering; Guest Editors: Eric Dubois and Haralambos Mouratidis
A comparison of two approaches to safety analysis based on use cases
ER'07 Proceedings of the 26th international conference on Conceptual modeling
A Risk Assessment Model for Voting Systems using Threat Trees and Monte Carlo Simulation
RE-VOTE '09 Proceedings of the 2009 First International Workshop on Requirements Engineering for e-Voting Systems
Integrating system modelling with safety activities
SAFECOMP'10 Proceedings of the 29th international conference on Computer safety, reliability, and security
Experience with Model-Based User-Centered Risk Assessment for Service Robots
HASE '10 Proceedings of the 2010 IEEE 12th International Symposium on High-Assurance Systems Engineering
Fault tree synthesis from UML models for reliability analysis at early design stages
ACM SIGSOFT Software Engineering Notes
Model-Driven Risk Analysis: The CORAS Approach
Model-Driven Risk Analysis: The CORAS Approach
Foundations of attack-defense trees
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
Requirements Engineering - Special Issue on Digital privacy: theory, policies and technologies
A Computer-Aided Approach to Preliminary Hazard Analysis for Automotive Embedded Systems
ECBS '11 Proceedings of the 2011 18th IEEE International Conference and Workshops on Engineering of Computer-Based Systems
Integration of component fault trees into the UML
MODELS'10 Proceedings of the 2010 international conference on Models in software engineering
Computer-aided PHA, FTA and FMEA for automotive embedded systems
SAFECOMP'11 Proceedings of the 30th international conference on Computer safety, reliability, and security
Threat Tree Templates to Ease Difficulties in Threat Modeling
NBIS '11 Proceedings of the 2011 14th International Conference on Network-Based Information Systems
A Domain-Specific Safety Analysis for Digital Nuclear Plant Protection Systems
SSIRI-C '11 Proceedings of the 2011 Fifth International Conference on Secure Software Integration and Reliability Improvement - Companion
Towards developing consistent misuse case models
Journal of Systems and Software
Task descriptions versus use cases
Requirements Engineering - Special Issue on REFSQ 2011
Supporting failure mode and effect analysis: a case study with failure sequence diagrams
REFSQ'12 Proceedings of the 18th international conference on Requirements Engineering: foundation for software quality
Extending the Problem Frames Approach for Capturing Non-functional Requirements
ICIS '12 Proceedings of the 2012 IEEE/ACIS 11th International Conference on Computer and Information Science
Comparing attack trees and misuse cases in an industrial setting
Information and Software Technology
| Hi-index | 0.00 |
When developing systems where safety and security are important aspects, these aspects have to be given special attention throughout the development, in particular in the requirements phase. There are many similar techniques within the safety and security fields, but few comparisons about what lessons that could be learnt and benefits to be gained. In this paper different techniques for identifying risk, hazard and threat of computer-supported systems are compared. This is done by assessing the techniques' ability to identify different risks in computer-supported systems in the environment where they operate. The purpose of this paper is therefore to investigate whether and how the techniques can mutually strengthen each other. The result aids practitioners in the selection and combination of techniques and researchers in focusing on gaps between the two fields. Among other things, the findings suggest that many safety techniques enforce a creative and systematic process by applying guide-words and structuring the results in worksheets, while security techniques tend to integrate system models with security models.