Reusable knowledge in security requirements engineering: a systematic mapping study. Issue 2 (June 2016)
- Record Type:
- Journal Article
- Title:
- Reusable knowledge in security requirements engineering: a systematic mapping study. Issue 2 (June 2016)
- Main Title:
- Reusable knowledge in security requirements engineering: a systematic mapping study
- Authors:
- Souag, Amina
Mazo, Raúl
Salinesi, Camille
Comyn-Wattiau, Isabelle
- Abstract:
- Security is a concern that must be taken into consideration starting from the early stages of system development. Over the last two decades, researchers and engineers have developed a considerable number of methods for security requirements engineering. Some of them rely on the (re)use of security knowledge. Despite some existing surveys about security requirements engineering, there is not yet any reference for researchers and practitioners that presents in a systematic way the existing proposals, techniques, and tools related to security knowledge reuse in security requirements engineering. The aim of this paper is to fill this gap by looking into drawing a picture of the literature on knowledge and reuse in security requirements engineering. The questions we address are related to methods, techniques, modeling frameworks, and tools for and by reuse in security requirements engineering. We address these questions through a systematic mapping study. The mapping study was a literature review conducted with the goal of identifying, analyzing, and categorizing state-of-the-art research on our topic. This mapping study analyzes more than thirty approaches, covering 20 years of research in security requirements engineering. The contributions can be summarized as follows: (1) A framework was defined for analyzing and comparing the different proposals as well as categorizing future contributions related to knowledge reuse and security requirements engineering; (2) the different forms of knowledge representation and reuse were identified; and (3) previous surveys were updated. We conclude that most methods should introduce more reusable knowledge to manage security requirements.
- Is Part Of:
- Requirements engineering. Volume 21:Issue 2(2016)
- Journal:
- Requirements engineering
- Issue:
- Volume 21:Issue 2(2016)
- Issue Display:
- Volume 21, Issue 2 (2016)
- Year:
- 2016
- Volume:
- 21
- Issue:
- 2
- Issue Sort Value:
- 2016-0021-0002-0000
- Page Start:
- 251
- Page End:
- 283
- Publication Date:
- 2016-06
- Subjects:
- Reusability -- Security requirements -- Knowledge -- Ontologies -- Patterns -- Templates
Requirements engineering -- Periodicals
Software engineering -- Periodicals
Computer software -- Development -- Periodicals
Logiciels -- Développement -- Périodiques
Génie logiciel -- Périodiques
005.12
- Journal URLs:
- http://firstsearch.oclc.org
http://firstsearch.oclc.org/journal=0947-3602;screen=info;ECOIP
http://link.springer-ny.com/link/service/journals/00766/index.htm
http://www.springerlink.com/content/0947-3602/
http://www.springer.com/gb/
- DOI:
- 10.1007/s00766-015-0220-8
- Languages:
- English
- ISSNs:
- 0947-3602
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 7713.844000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 10044.xml