10,114 Hits in 4.0 sec

Automated analysis of security requirements through risk-based argumentation

Yijun Yu, Virginia N.L. Franqueira, Thein Than Tun, Roel J. Wieringa, Bashar Nuseibeh
2015 Journal of Systems and Software  
Using a uniform representation of risks and arguments, our automated checking of formal arguments can identify relevant risks as rebuttals to those arguments, and identify mitigations from publicly available  ...  The application of OpenRISA is illustrated with examples from a PIN Entry Device case study.  ...  We would like to thank our colleague Paul Piwek for feedback on earlier draft of the paper.  ... 
doi:10.1016/j.jss.2015.04.065 fatcat:qqzoirbikjborkastcqfw4wmqq

Towards User-Friendly Projectional Editors [chapter]

Markus Voelter, Janet Siegmund, Thorsten Berger, Bernd Kolb
2014 Lecture Notes in Computer Science  
A promising approach is projectional editing, a technique to directly manipulate the abstract syntax tree of a program, without relying on parsers.  ...  Our results show that the benefits of flexible language composition and diverse notations come at the cost of serious usability issues -which, however, can be effectively mitigated with facilities that  ...  Acknowledgements We thank Alexander Shatalin, Vaclav Pech and Konstantin Solomatov for clarifying details about MPS and feedback to this paper.  ... 
doi:10.1007/978-3-319-11245-9_3 fatcat:s4mbqt22tvdzdja2kiudfowecm

A Catalogue of iStar Extensions

Enyo Gonçalves, Tiago Heineck,, Jaelson Castro
2018 Anais do WER18 - Workshop em Engenharia de Requisitos  
So, to ease the identification of the previous extensions and its constructs is essential to next proposals.  ...  Motivated by this situation, the objective of this paper is to present a catalogue of iStar extensions.  ...  Acknowledgments The authors thank CNPQ/Brazil (Conselho Nacional de Desenvolvimento Científico e Tecnológico) for the financial support to the execution of this work, Universidade  ... 
doi:10.17771/pucrio.wer.inf2018-5 dblp:conf/wer/GoncalvesH0C18 fatcat:zcqoke4v3zganbagkzrwl5dvpu

Towards a Methodological Tool Support for Modeling Security-Oriented Processes [chapter]

Jacob Geisel, Brahim Hamid, David Gonzales, Jean-Michel Bruel
2016 Lecture Notes in Computer Science  
In our work, we propose a methodology to build domain specific process models with security concepts on the foundations of industry-relevant security approaches, backed by a security-oriented process model  ...  Unfortunately, these processes often offer only little or no support in order to meet security requirements.  ...  We choose to derive a text-based syntax to create instances of the metamodel using the Xtext Framework (Semco Naravas Process Model Editor).  ... 
doi:10.1007/978-3-319-45547-1_3 fatcat:ezxqseu44fcb7kbs6jjkpjvlwq

Architectures in an XML world

Joshua Lubell
2001 Markup languages  
approaches to reuse.  ...  Experience with APEX, an architecture processing tool implemented using XSLT (Extensible Style Language Transformations), demonstrates that architectures can fulfill a role not well served by alternative  ...  With architectures, however, a developer need only formally state the conformance requirement.  ... 
doi:10.1162/109966202760152167 fatcat:4o26h2unn5b4jeoj7apq4tevvu

Collaborative DDoS defense using flow-based security event information

Jessica Steinberger, Benjamin Kuhnert, Anna Sperotto, Harald Baier, Aiko Pras
2016 NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium  
To counteract such attacks, an approach is to move mitigation from the target network to the networks of Internet Service Providers (ISP).  ...  To facilitate the exchange of security event information in conjunction with widely adopted monitoring technologies, in particular network flows, we make use of the exchange format FLEX.  ...  The main advantage of our communication process over existing approaches is that it easily integrates with the existing infrastructure and is easy to deploy.  ... 
doi:10.1109/noms.2016.7502852 dblp:conf/noms/SteinbergerKSBP16 fatcat:ho6qxlocfbgqroeutr7kjndpsi

Using security robustness analysis for early-stage validation of functional security requirements

Mohamed El-Attar, Hezam Akram Abdul-Ghani
2014 Requirements Engineering  
The approach presented in [Basanieri] can be used to derive executable test cases from UML diagrams.  ...  In fact, we recommend using our approach in parallel with other requirements validation techniques.  ... 
doi:10.1007/s00766-014-0208-9 fatcat:wefosjclezbcfkra2qw7yd4ndi

Supporting Security Engineering at Design Time with Adequate Tooling

Jorn Eichler, Andreas Fuchs, Nico Lincke
2012 2012 IEEE 15th International Conference on Computational Science and Engineering  
We sketch the language and implementation requirements for our modeling tools, design and implementation considerations, and report on pitfalls and remaining issues with regard to the development of modeling  ...  To support the development and application of adequate DSMLs, agile approaches and frameworks to provide appropriate tooling are needed.  ...  Therefore, we identify the following requirements: • Simple, yet rigorous, specification, application, and modification of the DSML's abstract and concrete syntaxEasy mapping of abstract and concrete  ... 
doi:10.1109/iccse.2012.34 dblp:conf/cse/EichlerFL12 fatcat:s7bhcvfhwncclkbig42o76pona

Integration of safety analysis in model-driven software development

M.A. de Miguel, J.F. Briones, J.P. Silva, A. Alonso
2008 IET Software  
Language abstract syntaxes (metamodels), profiles, language mappings (model transformations) and language refinements, support the direct application of safety analysis to software architectures for the  ...  A model-driven development approach and the use of a platform-independent language are used to bridge the gap between safety analyses (failure mode effects and criticality analysis and fault tree analysis  ...  If the failure of a component is easy to occur, the safety goal will not be able to be met.  ... 
doi:10.1049/iet-sen:20070050 fatcat:3tj5l4ilwnhsxowzpwhmnpmdrq

Meta Modeling for Business Process Improvement

Florian Johannsen, Hans-Georg Fill
2017 Business & Information Systems Engineering  
This is due to rapidly changing customer requirements and an increase of inter-organizational business processes, which need to be considered from an end-to-end perspective.  ...  Furthermore, a corresponding software prototype has been implemented using a meta modeling platform to assess the technical feasibility of the approach.  ...  Therefore, the BPI roadmap presents a valuable contribution as it serves practitioners' need for workable and easy-to-use BPI approaches.  ... 
doi:10.1007/s12599-017-0477-1 fatcat:m2fqgpivxbgrpedfz23xkww2ue

Towards a Verification-Driven Iterative Development of Software for Safety-Critical Cyber-Physical Systems

Marjan Sirjani, Luciana Provenzano, Sara Abbaspour Asadollah, Mahshid Helali Moghadam, Mehrdad Saadatmand
2021 Journal of Internet Services and Applications  
Properties of interest are also derived from the structured requirements, and then model checking is used to formally verify the properties.  ...  In this paper, we propose a model-driven approach with a focus on guaranteeing safety using formal verification.  ...  Acknowledgment We would like to thank Edward Lee for reading the paper and giving us very useful comments.  ... 
doi:10.1186/s13174-021-00132-z fatcat:gpgdz3zzvfbrvce75g373mtl7i

An Approach for Creating Sentence Patterns for Quality Requirements

Jonas Eckhardt, Andreas Vogelsang, Henning Femmer
2016 2016 IEEE 24th International Requirements Engineering Conference Workshops (REW)  
ACKNOWLEDGEMENTS We would like to thank M. Broy, S. Eder, and M. Junker for their helpful comments on earlier versions of this work.  ...  With implicit, we mean that the content is contained in the requirement, but we need to interpret the requirement to derive the content.  ...  To mitigate this, we propose to validate the resulting patterns with quality requirements in practice and furthermore conduct interviews with practitioners concerning their willingness to use the patterns  ... 
doi:10.1109/rew.2016.057 dblp:conf/re/EckhardtVF16 fatcat:jpdgvj4j5vhknbnoh2wj6i7g7e

The use and limits of scientific names in biological informatics

David Remsen
2016 ZooKeys  
Because changes in syntax are not correlated with changes in semantics, scientific names may be used, singly or conflated into synonymous sets, to improve recall in pattern recognition or search and retrieval  ...  Names cannot be used, however, to improve precision. This is because changes in syntax do not uniquely identify changes in circumscription.  ...  Acknowledgements The author would like to extend his thanks and graditude to reviewers, Nico M Franz, Ph.D., Associate Professor and Curator of Insects, Arizona State University, and John Todd, Ph.D.,  ... 
doi:10.3897/zookeys.550.9546 pmid:26877660 pmcid:PMC4741222 fatcat:mtoafk55ebgirbf6qi5w3h74eq

Leveraging natural-language requirements for deriving better acceptance criteria from models

Alvaro Veizaga, Mauricio Alférez, Damiano Torre, Mehrdad Sabetzadeh, Lionel C. Briand, Elene Pitskhelauri
2020 ACM/IEEE International Conference on Model Driven Engineering Languages and Systems  
An existing AC derivation technique is then applied to the model that has now been enriched by the information extracted from NL requirements.  ...  We perform such reconciliation by devising an approach that automatically extracts AC-related information from NL requirements and helps modelers enrich their model with the extracted information.  ...  Rimay's main grammar rules are inspired by the Easy Approach to Requirements Syntax (EARS) templates [8] .  ... 
doi:10.1145/3365438.3410953 dblp:conf/models/VeizagaATSBP20 fatcat:etu27dcxrzhmpdjfwxmmkvzbka

Using Business Rules in Extreme Requirements [chapter]

Maria Carmen Leonardi, Julio Cesar Sampaio do Prado Leite
2002 Lecture Notes in Computer Science  
XR defines a requirements strategy that can be coupled with XP. In this article, we present an XR business rules based process.  ...  Extreme Requirements (XR) is a proposal that tries to improve the quality of Extreme Programming (XP). XP is a well known agile method for software production.  ...  To mitigate problem 4 , we propose to write derived situations from the scenario, with the goal of making the system fail.  ... 
doi:10.1007/3-540-47961-9_30 fatcat:ir6kfexwcrbldd2vk6ywclbmkq
« Previous Showing results 1 — 15 out of 10,114 results