The alternating fixpoint of logic programs with negation
PODS '89 Proceedings of the eighth ACM SIGACT-SIGMOD-SIGART symposium on Principles of database systems
Exploiting reusable specifications through analogy
Communications of the ACM
Goal-directed requirements acquisition
6IWSSD Selected Papers of the Sixth International Workshop on Software Specification and Design
Communications of the ACM
GRAIL/KAOS: an environment for goal-driven requirements engineering
ICSE '97 Proceedings of the 19th international conference on Software engineering
Requirements engineering: a roadmap
Proceedings of the Conference on The Future of Software Engineering
Handling Obstacles in Goal-Oriented Requirements Engineering
IEEE Transactions on Software Engineering - special section on current trends in exception handling—part II
Alloy: a lightweight object modelling notation
ACM Transactions on Software Engineering and Methodology (TOSEM)
Critiquing Software Specifications
IEEE Software
Model-Based Development of Embedded Systems
OOIS '02 Proceedings of the Workshops on Advances in Object-Oriented Information Systems
SCR*: A Toolset for Specifying and Analyzing Software Requirements
CAV '98 Proceedings of the 10th International Conference on Computer Aided Verification
ASSAT: computing answer sets of a logic program by SAT solvers
Eighteenth national conference on Artificial intelligence
Using Abuse Case Models for Security Requirements Analysis
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Recognizing Safety and Liveness
Recognizing Safety and Liveness
Decomposing Properties into Safety and Liveness
Decomposing Properties into Safety and Liveness
Modelling strategic relationships for process reengineering
Modelling strategic relationships for process reengineering
FAUST: Formal Analysis Using Specification Tools
RE '03 Proceedings of the 11th IEEE International Conference on Requirements Engineering
Security and Privacy Requirements Analysis within a Social Setting
RE '03 Proceedings of the 11th IEEE International Conference on Requirements Engineering
The CORAS methodology: model-based risk assessment using UML and UP
UML and the unified process
Tropos: An Agent-Oriented Software Development Methodology
Autonomous Agents and Multi-Agent Systems
Elaborating Security Requirements by Construction of Intentional Anti-Models
Proceedings of the 26th International Conference on Software Engineering
Specifying and analyzing early requirements in Tropos
Requirements Engineering
Basic Concepts and Taxonomy of Dependable and Secure Computing
IEEE Transactions on Dependable and Secure Computing
Eliciting security requirements with misuse cases
Requirements Engineering
Reasoning about confidentiality at requirements engineering time
Proceedings of the 10th European software engineering conference held jointly with 13th ACM SIGSOFT international symposium on Foundations of software engineering
Model driven security: From UML models to access control infrastructures
ACM Transactions on Software Engineering and Methodology (TOSEM)
Modelling and Reasoning for Confidentiality Requirements in Software Development
ECBS '06 Proceedings of the 13th Annual IEEE International Symposium and Workshop on Engineering of Computer Based Systems
Hypermedia as a productivity tool for doctoral research
The New Review of Hypermedia and Multimedia - Special issue: Scholarly hypermedia
The DLV system for knowledge representation and reasoning
ACM Transactions on Computational Logic (TOCL)
Requirements engineering for trust management: model, methodology, and reasoning
International Journal of Information Security
Visualizing non-functional requirements
REV '06 Proceedings of the 1st international workshop on Requirements Engineering Visualization
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Computer Standards & Interfaces
Secure Systems Development with UML
Secure Systems Development with UML
Security and trust requirements engineering
Foundations of Security Analysis and Design III
Modeling social and individual trust in requirements engineering methodologies
iTrust'05 Proceedings of the Third international conference on Trust Management
Executable misuse cases for modeling security concerns
Proceedings of the 30th international conference on Software engineering
A Model-Driven Approach for the Specification and Analysis of Access Control Policies
OTM '08 Proceedings of the OTM 2008 Confederated International Conferences, CoopIS, DOA, GADA, IS, and ODBASE 2008. Part II on On the Move to Meaningful Internet Systems
Mining and analysing security goal models in health information systems
SEHC '09 Proceedings of the 2009 ICSE Workshop on Software Engineering in Health Care
Journal of Systems and Software
A method for security governance, risk, and compliance (GRC): a goal-process approach
Foundations of security analysis and design VI
Orchestrating security and system engineering for evolving systems
ServiceWave'11 Proceedings of the 4th European conference on Towards a service-based internet
SeCMER: a tool to gain control of security requirements evolution
ServiceWave'11 Proceedings of the 4th European conference on Towards a service-based internet
Software and Systems Modeling (SoSyM)
| Hi-index | 0.00 |
In earlier work, we have introduced Secure Tropos, a requirements engineering methodology that extends the Tropos methodology and is intended for the design and analysis of security requirements. This paper briefly recaps the concepts proposed for capturing security aspects, and presents an implemented graphical CASE tool that supports the Secure Tropos methodology. Specifically, the tool supports the creation of Secure Tropos models, their translation to formal specifications, as well as the analysis of these specifications to ensure that they comply with specific security properties. Apart from presenting the tool, the paper also presents a two-tier evaluation consisting of two case studies and an experimental evaluation of the tool's scalability.