Maritta Heisel scite author profile

This paper presents a conceptual framework for security engineering, with a strong focus on security requirements elicitation and analysis. This conceptual framework establishes a clear-cut vocabulary and makes explicit the interrelations between the different concepts and notions used in security engineering. Further, we apply our conceptual framework to compare and evaluate current security requirements engineering approaches, such as the Common Criteria, Secure Tropos, SREP, MSRA, as well as methods based on UML and problem frames. We review these methods and assess them according to different criteria, such as the general approach and scope of the method, its validation, and quality assurance capabilities. Finally, we discuss how these methods are related to the conceptual framework and to one another.

show abstract

A Problem-Based Approach for Computer-Aided Privacy Threat Identification

Beckers

Faβbender

Heisel

et al. 2014

View full text Add to dashboard Cite

A UML Profile for Requirements Analysis of Dependable Software

Hatebur

Heisel

2010

View full text Add to dashboard Cite

Modeling Safety-Critical Systems with Z and Petri Nets

Heiner

Heisel

1999

View full text Add to dashboard Cite

Proving Component Interoperability with B Refinement

Chouali

Heisel

Souquières

2006

Electronic Notes in Theoretical Computer Science

View full text Add to dashboard Cite

A Method to Derive Software Architectures from Quality Requirements

Alebrahim

Hatebur

Heisel

2011

View full text Add to dashboard Cite

Confidentiality-preserving refinement

Heisel

Pfitzmann

Santen

View full text Add to dashboard Cite

We develop a condition for confidentiality-preserving refinement which is both necessary and sufficient. Using a slight extension of CSP as notation, we give a toy example to illustrate the usefulness of our condition. Systems are specified by their behavior and a window. For an abstract system, the window specifies what information is allowed to be observed by its environment. For a concrete system, the window specifies what information cannot be hidden from its environment. A concrete system is a confidentiality-preserving refinement of an abstract system, if it behaviorally refines the abstract system and if the information revealed by the concrete window is allowed to be revealed according to the abstract window.

show abstract

Towards Systematic Integration of Quality Requirements into Software Architecture

Alebrahim

Hatebur

Heisel

2011

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

334 Leonard St

Brooklyn, NY 11211

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Maritta Heisel

A comparison of security requirements engineering methods

A Problem-Based Approach for Computer-Aided Privacy Threat Identification

A UML Profile for Requirements Analysis of Dependable Software

Modeling Safety-Critical Systems with Z and Petri Nets

Proving Component Interoperability with B Refinement

A Method to Derive Software Architectures from Quality Requirements

Confidentiality-preserving refinement

Towards Systematic Integration of Quality Requirements into Software Architecture

Contact Info

Product

Resources

About