Specifying and Reasoning over Socio-Technical Security Requirements with STS-Tool
We present the latest version of STS-Tool, the modelling and analysis support tool for STS-ml, an actor- and goal-oriented security requirements modelling language for socio-technical systems. STS-Tool allows designers to model a socio-technical system in terms of high-level primitives such as actor, goal, and delegation; to express security constraints over the interactions between the actors; and to derive security requirements once the modelling is done. The tool features a set of automated reasoning techniques for (i) checking if a given STS-ml model is well-formed, and (ii) determining if the specification of security requirements is consistent, that is, there are no conflicts among security requirements. These techniques have been implemented using disjuntive datalog programs. We have evaluated our tool through various industrial case studies.
Unable to display preview. Download preview PDF.
- 2.Dalpiaz, F., Paja, E., Giorgini, P.: Security requirements engineering via commitments. In: Proceedings of STAST 2011, pp. 1–8 (2011)Google Scholar
- 3.Paja, E., Dalpiaz, F., Giorgini, P.: Managing security requirements conflicts in socio-technical systems. In: Ng, W., Storey, V.C., Trujillo, J. (eds.) ER 2013. LNCS, vol. 8217, pp. 270–283. Springer, Heidelberg (2013)Google Scholar
- 4.Paja, E., Dalpiaz, F., Poggianella, M., Roberti, P., Giorgini, P.: STS-tool: Using commitments to specify socio-technical security requirements. In: Castano, S., Vassiliadis, P., Lakshmanan, L.V.S., Lee, M.L. (eds.) ER 2012 Workshops 2012. LNCS, vol. 7518, pp. 396–399. Springer, Heidelberg (2012)CrossRefGoogle Scholar