A system for seamless support from security requirements analysis to security design using a software security knowledge base

Atsuo Hazeyama, Hikaru Miyahara, Takafumi Tanaka, Hironori Washizaki, Haruhiko Kaiya, Takao Okubo, Nobukazu Yoshioka

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Owing to the widespread use of the internet, software services are being provided to millions of consumers and the importance of software security has increased considerably. Specifically, difficulties in developing a security design based on the results of a security requirements analysis are a focal point for investigation. One promising approach for addressing these difficulties is to create a knowledge base for secure software development and a process for utilizing it. The information obtained regarding the security design of the knowledge base, which is associated with the knowledge used in the security requirements analysis, can be considered during the design phase. This paper describes the development of a system that seamlessly supports the design phase based on the results of a security requirements analysis and the knowledge base. We then present an example to demonstrate the usefulness of the proposed system. This knowledge base maintains an association between knowledge types and is traceable. Therefore, if the knowledge used to create a type of artifact evolves, it is possible to detect artifacts used knowledge associated with it.

Original languageEnglish
Title of host publicationProceedings - 2019 IEEE 27th International Requirements Engineering Conference Workshops, REW 2019
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages134-140
Number of pages7
ISBN (Electronic)9781728151656
DOIs
Publication statusPublished - 2019 Sep
Event27th IEEE International Requirements Engineering Conference Workshops, REW 2019 - Jeju Island, Korea, Republic of
Duration: 2019 Sep 232019 Sep 27

Publication series

NameProceedings - 2019 IEEE 27th International Requirements Engineering Conference Workshops, REW 2019

Conference

Conference27th IEEE International Requirements Engineering Conference Workshops, REW 2019
CountryKorea, Republic of
CityJeju Island
Period19/9/2319/9/27

Keywords

  • Secure software development support
  • Software security knowledge base

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Software
  • Safety, Risk, Reliability and Quality
  • Artificial Intelligence

Fingerprint Dive into the research topics of 'A system for seamless support from security requirements analysis to security design using a software security knowledge base'. Together they form a unique fingerprint.

  • Cite this

    Hazeyama, A., Miyahara, H., Tanaka, T., Washizaki, H., Kaiya, H., Okubo, T., & Yoshioka, N. (2019). A system for seamless support from security requirements analysis to security design using a software security knowledge base. In Proceedings - 2019 IEEE 27th International Requirements Engineering Conference Workshops, REW 2019 (pp. 134-140). [8933789] (Proceedings - 2019 IEEE 27th International Requirements Engineering Conference Workshops, REW 2019). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/REW.2019.00029