Requirements Engineering

, Volume 16, Issue 1, pp 55–73 | Cite as

A methodology for security assurance-driven system development

  • José Luis Vivas
  • Isaac Agudo
  • Javier López
Digital Privacy


In this work, we introduce an assurance methodology that integrates assurance case creation with system development. It has been developed in order to provide trust and privacy assurance to the evolving European project PICOS (Privacy and Identity Management for Community Services), an international research project focused on mobile communities and community-supporting services, with special emphasis on aspects such as privacy, trust, and identity management. The leading force behind the approach is the ambition to develop a methodology for building and maintaining security cases throughout the system development life cycle in a typical system engineering effort, when much of the information relevant for assurance is produced and feedback can be provided to system developers. The first results of the application of the methodology to the development of the PICOS platform are presented.


Security engineering Security assurance Assurance cases Built-in assurance 



The research leading to these results has received funding from the European Community’s Seventh Framework Programme (FP7/2007-2011) under grant agreement no. 215056.


  1. 1.
    Privacy and Identity Management for Community Services (PICOS).
  2. 2.
    Graydon PJ, Knight JC, Strunk EA (2007) Assurance based development of critical systems. In: 37th annual IEEE/IFIP international conference on Dependable Systems and Networks (DSN’07). pp 347–357Google Scholar
  3. 3.
    Goodenough J, Lipson H, Weinstock C (2007) Arguing security—creating security assurance cases. Carnegie Mellon University. Available at Last Accessed 19 Sep 2008
  4. 4.
    Jacobson Y, Christerson M, Jonsson P, Overgaard G (1992) Object-oriented software engineering—a use case driven approach. Addison Wesley/ACM Press, Massachusetts/New YorkzbMATHGoogle Scholar
  5. 5.
    Dawson S (2005) The genesys of cyberscience and its mathematical models. SRI International, System Design Laboratory. Technical report, number AFRL-IF-RS-TR-2005-49Google Scholar
  6. 6.
    Kalloniatis C, Kavakli E, Gritzalis S (2008) Addressing privacy requirements in system design: the PriS method. Requir Eng 13(3):241–255CrossRefGoogle Scholar
  7. 7.
    Liu L, Yu E, Mylopoulos J (2003) Security and privacy requirements analysis within a social setting. In: 11th IEEE international requirements engineering conference (RE’03), Monterey Bay, CA, pp 151–161Google Scholar
  8. 8.
    Liu L, Yu E, Mylopoulos J (2002) Analyzing security requirements as relationships among strategic actors, SREIS’02, e-proceedings, Raleigh, NCGoogle Scholar
  9. 9.
    Chung L (1993) Dealing with security requirements during the development of information systems. In: Proceedings of advanced information systems engineering, LNCS 685, pp 234–251Google Scholar
  10. 10.
    van Lamsweerde A, Letier E (2000) Handling obstacles in goal-oriented requirements engineering. IEEE Trans Softw Eng, special issue on exception handling 26(10):978–1005Google Scholar
  11. 11.
    Mylopoulos J, Chung L, Nixon B (1992) Representing and using non-functional requirements: a process-oriented approach. IEEE Trans Softw Eng 18(6):483–497CrossRefGoogle Scholar
  12. 12.
    Kalloniatis C, Kavakli E, Gritzalis S (2004) Security requirements engineering for eGovernment applications: analysis of current frameworks. In: Proceedings of the DEXA’04 EGOV’04 3rd international conference on electronic government, LNCS 3183, Zaragoza, Spain, Sep 2004, pp 66–71Google Scholar
  13. 13.
    Hope P, McGraw G, Antón AI (2004) Misuse and abuse cases: getting past the positive. IEEE Secur Priv 2(3):90–92CrossRefGoogle Scholar
  14. 14.
    Software security assurance: A State-of-the-Art Report (SOAR), 31 July 2007Google Scholar
  15. 15.
    Wilander J, Gustavsson J (2005) Security requirements—a field study of current practice. In: E-proceedings of the symposium on requirements engineering for information security, 2005Google Scholar
  16. 16.
    Strunk EA, Knight JC (2006) The essential synthesis of problem frames and assurance cases. In: Proceedings of 2nd international workshop on applications and advances in problem frames, co-located with 29th international conference on software engineering, Shanghai, May 2006Google Scholar
  17. 17.
    Kelly T (2004) A systematic approach to safety case management. In: Proceedings SAE 2004 World Congress, Detroit, USA, 2004Google Scholar
  18. 18.
    Jackson MA (2001) Problem frames: analysing and structuring software development problem. Addison Wesley Publishing Company, MassachusettsGoogle Scholar
  19. 19.
    Hall JG, Rapanotti L (2008) Assurance-driven design. In: The third international conference on software engineering advances, 2008 (ICSEA, 2008), Oct 2008, pp 379–388Google Scholar
  20. 20.
    Hall JG, Rapanotti L, Jackson M (2007) Problem oriented software engineering: a design-theoretic framework for software engineering. In: Proceedings of the fifth IEEE international conference on software engineering and formal methods, pp 15–24Google Scholar
  21. 21.
    Bloomfield RE, Bishop PG, Jones CCM, Froome PKD (1998) ASCAD—Adelard Safety Case Development Manual, Adelard 1998, ISBN 0 953377105Google Scholar
  22. 22.
    Scott Ankrum AT, Kromholz AH (2006) Structured assurance cases: three common standards’ (slides presented at the Association for Software Quality [ASQ] Section 509 Software Special Interest Group meeting, McLean, VA, 23 Jan 2006Google Scholar
  23. 23.
    Larsen KG, Xinxin L (1991) Compositionality through an operational semantics of contexts. J Log Comput 1(6):761–795zbMATHCrossRefGoogle Scholar
  24. 24.
    Milner R (1980) A calculus of communicating systems. Springer, ISBN 0-387-10235-3Google Scholar
  25. 25.
    Hennessy M, Milner R (1980) On observing nondeterminism and concurrency. In: de Bakker JW, van Leeuwen J (eds) Automata, languages and programming, 7th colloquium, vol 85 of Lecture Notes in Computer Science, Noordweijkerhout, Springer, The Netherlands, 14–18 July 1980, pp 299–309Google Scholar
  26. 26.
    ISTPA International Security Trust and Privacy Association (2007) Analysis of privacy principles: making privacy operational, Version 2.0Google Scholar
  27. 27.
    Potts C (1995) Using schematic scenarios to understand user needs. In: Proceedings of DIS’95—ACM symposium on designing interactive systems: processes, practices and techniques. University of MichiganGoogle Scholar

Copyright information

© Springer-Verlag London Limited 2010

Authors and Affiliations

  1. 1.Computer Science DepartmentUniversity of MalagaMálagaSpain

Personalised recommendations