Magali Seguran scite author profile

Requirements engineering has been recognized as a fundamental phase of the software engineering process. Nevertheless, the elicitation and analysis of requirements are often left aside in favor of architecture-driven software development. This tendency, however, can lead to issues that may affect the success of a project. This paper presents our experience gained in the elicitation and analysis of requirements in a large-scale security-oriented European research project, which was originally conceived as an architecture-driven project. In particular, we illustrate the challenges that can be faced in large-scale research projects and consider the applicability of existing best practices and off-the-shelf methodologies with respect to the needs of such projects. We then discuss how those practices and methods can be integrated into the requirements engineering process and possibly improved to address the identified challenges. Finally, we summarize the lessons learned from our experience and the benefits that a proper requirements analysis can bring to a project.

show abstract

From Early Requirements Analysis towards Secure Workflows

Frankova

Massacci

Seguran³

View full text Add to dashboard Cite

Requirements engineering is a key step in the software development process that has little counterpart in the design of secure business processes and secure workflows for web services. This paper presents a methodology that allows a business process designer to derive the skeleton of the concrete coarse grained secure business process, that can be further refined into workflows, from the early requirements analysis.

show abstract

Organizational Patterns for Security and Dependability

Massacci

Asnar

Saidane

et al. 2011

View full text Add to dashboard Cite

Designing secure and dependable IT systems requires a deep analysis of organizational as well as social aspects of the environment where the system will operate. Domain experts and analysts often face security and dependability (S&D) issues they have already encountered before. These concerns require the design of S&D patterns to facilitate designers when developing IT systems. This article presents the experience in designing S&D organizational patterns, which was gained in the course of an industry lead EU project. The authors use an agent-goal-oriented modeling framework (i.e., the SI* framework) to analyze organizational settings jointly with technical functionalities. This framework can assist domain experts and analysts in designing S&D patterns from their experience, validating them by proof-of-concept implementations, and applying them to increase the security level of the system.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Magali Seguran

Secure Workflow Development from Early Requirements Analysis

Deriving business processes with service level agreements from early requirements

Requirements engineering within a large-scale security-oriented research project: lessons learned

From Early Requirements Analysis towards Secure Workflows

Organizational Patterns for Security and Dependability

Contact Info

Product

Resources

About