Security Requirements Engineering with STS-Tool
In this chapter, we present STS-Tool, the modelling and analysis support tool for STS-ml, an actor- and goal-oriented security requirements modelling language for socio-technical systems. STS-Tool is a standalone application written in Java and based on the Eclipse RCP Framework. It supports modelling a socio-technical system in terms of high-level primitives such as actor, goal delegation, and document exchange; to express security constraints over the interactions between the actors; and to derive security requirements once the modelling is done. It also supports analysing the created STS-ml models in terms of (i) well-formedness, (ii) violation of security requirements, and (iii) threats impact over actors’ assets. We also present the architecture of STS-Tool together with its main features and provide technical details of the modelling and analysis capabilities.
Unable to display preview. Download preview PDF.
- 1.Dalpiaz, F., Paja, E., Giorgini, P.: Security requirements engineering via commitments. In: Proceedings of STAST 2011, pp. 1–8 (2011)Google Scholar
- 2.The Eclipse Foundation. Eclipse modeling framework project (emf). Lastchecked (March 2014)Google Scholar
- 3.The Eclipse Foundation. Gef (mvc). Lastchecked (March 2014)Google Scholar
- 4.Northover, S., Wilson, M.: Swt: the standard widget toolkit, vol. 1. Addison-Wesley Professional (2004)Google Scholar
- 5.Paja, E., Dalpiaz, F., Giorgini, P.: Managing security requirements conflicts in socio-technical systems. In: Proceedings of ER (2013) (to appear)Google Scholar
- 6.Paja, E., Dalpiaz, F., Poggianella, M., Roberti, P., Giorgini, P.: STS-Tool: socio-technical security requirements through social commitments. In: Proceedings of RE 2012, pp. 331–332 (2012)Google Scholar
- 7.Paja, E., Dalpiaz, F., Poggianella, M., Roberti, P., Giorgini, P.: STS-Tool: Using commitments to specify socio-technical security requirements. In: Proceedings of ER 2012 Workshops, pp. 396–399 (2012)Google Scholar
- 8.Paja, E., Dalpiaz, F., Poggianella, M., Roberti, P., Giorgini, P.: Specifying and reasoning over socio-technical security requirements with sts-tool. In: Proceedings of the 32nd International Conference on Conceptual Modeling, ER Workshops, pp. 504–507 (2013)Google Scholar
- 11.Vogel, L.: Building eclipse rcp applications based on eclipse 4 (2013), Revision history: Revision 0.1 - 6.9 February 14, 2009-July 4, 2013Google Scholar
- 12.Vogel, L.: Eclipse jface tree - tutorial (2013) Revision history: Revision 0.1-0.1-3.3 August 22, 2010-October 15, 2013Google Scholar
- 13.Xenos, S.: Inside the workbench a guide to the workbench internals (October 2005) (Lastchecked: March, 2014)Google Scholar