Loading…
E-SCORE: A web-based tool for security requirements engineering
As digital systems continue to grow in popularity, they also become more vulnerable to various forms of attacks with various motives, including financial gain and political influence. In response, engineers must consider system security from the design phase. However, defining security requirements...
Saved in:
Published in: | SoftwareX 2024-05, Vol.26, p.101704, Article 101704 |
---|---|
Main Authors: | , , , , |
Format: | Article |
Language: | English |
Subjects: | |
Citations: | Items that this one cites |
Online Access: | Get full text |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Summary: | As digital systems continue to grow in popularity, they also become more vulnerable to various forms of attacks with various motives, including financial gain and political influence. In response, engineers must consider system security from the design phase. However, defining security requirements at this stage can be challenging. To address this challenge, we propose E-SCORE, a web-based tool that streamlines the security requirements engineering process. E-SCORE implements the SCORE (Security Criteria Ontology for security Requirements Engineering) (i) to suggest security mechanisms and additional criteria to enhance security coverage and (ii) to facilitate security analysis of the system. An example of banking system usage is provided. Through our approach, we could define ten additional security requirements for a single requirement. Therefore, E-SCORE offers a valuable resource for engineers to ensure the security of digital systems across various domains. |
---|---|
ISSN: | 2352-7110 2352-7110 |
DOI: | 10.1016/j.softx.2024.101704 |