Loading…

E-SCORE: A web-based tool for security requirements engineering

As digital systems continue to grow in popularity, they also become more vulnerable to various forms of attacks with various motives, including financial gain and political influence. In response, engineers must consider system security from the design phase. However, defining security requirements...

Full description

Saved in:
Bibliographic Details
Published in:SoftwareX 2024-05, Vol.26, p.101704, Article 101704
Main Authors: Hnaini, Hiba, Mazo, Raúl, Champeau, Joël, Vallejo, Paola, Galindo, Jose
Format: Article
Language:English
Subjects:
Citations: Items that this one cites
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:As digital systems continue to grow in popularity, they also become more vulnerable to various forms of attacks with various motives, including financial gain and political influence. In response, engineers must consider system security from the design phase. However, defining security requirements at this stage can be challenging. To address this challenge, we propose E-SCORE, a web-based tool that streamlines the security requirements engineering process. E-SCORE implements the SCORE (Security Criteria Ontology for security Requirements Engineering) (i) to suggest security mechanisms and additional criteria to enhance security coverage and (ii) to facilitate security analysis of the system. An example of banking system usage is provided. Through our approach, we could define ten additional security requirements for a single requirement. Therefore, E-SCORE offers a valuable resource for engineers to ensure the security of digital systems across various domains.
ISSN:2352-7110
2352-7110
DOI:10.1016/j.softx.2024.101704