
Specifying and Reasoning over Socio-Technical Security Requirements with STS-Tool

  • Elda Paja
  • Fabiano Dalpiaz
  • Mauro Poggianella
  • Pierluigi Roberti
  • Paolo Giorgini
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8217)

Abstract

We present the latest version of STS-Tool, the modelling and analysis support tool for STS-ml, an actor- and goal-oriented security requirements modelling language for socio-technical systems. STS-Tool allows designers to model a socio-technical system in terms of high-level primitives such as actor, goal, and delegation; to express security constraints over the interactions between the actors; and to derive security requirements once the modelling is done. The tool features a set of automated reasoning techniques for (i) checking if a given STS-ml model is well-formed, and (ii) determining if the specification of security requirements is consistent, that is, there are no conflicts among security requirements. These techniques have been implemented using disjunctive datalog programs. We have evaluated our tool through various industrial case studies.



Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Elda Paja (1)
  • Fabiano Dalpiaz (2)
  • Mauro Poggianella (1)
  • Pierluigi Roberti (1)
  • Paolo Giorgini (1)

  1. University of Trento, Italy
  2. University of Toronto, Canada
