Effective Security Requirements Analysis: HAZOP and Use Cases [chapter]

Thitima Srivatanakul, John A. Clark, Fiona Polack
2004 Lecture Notes in Computer Science  
Use cases are widely used for functional requirements elicitation. However, security non-functional requirements are often neglected in this requirements analysis process. As systems become increasingly complex current means of analysis will probably prove ineffective. In the safety domain a variety of effective analysis techniques have emerged over many years. Since the safety and security domains share many similarities, various authors have suggested that safety techniques might usefully
more » ... application in security. This paper takes one such technique, HAZOP, and applies it to one widely used functional requirement elicitation component, UML use cases, in order to provide systematic analysis of potential security issues at the start of system development.
doi:10.1007/978-3-540-30144-8_35 fatcat:v4d5xlwp6ffw3pjvimthrprjo4