Abstract
In this chapter, we present STS-Tool, the modelling and analysis support tool for STS-ml, an actor- and goal-oriented security requirements modelling language for socio-technical systems. STS-Tool is a standalone application written in Java and based on the Eclipse RCP Framework. It supports modelling a socio-technical system in terms of high-level primitives such as actor, goal delegation, and document exchange; to express security constraints over the interactions between the actors; and to derive security requirements once the modelling is done. It also supports analysing the created STS-ml models in terms of (i) well-formedness, (ii) violation of security requirements, and (iii) threats impact over actors’ assets. We also present the architecture of STS-Tool together with its main features and provide technical details of the modelling and analysis capabilities.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Dalpiaz, F., Paja, E., Giorgini, P.: Security requirements engineering via commitments. In: Proceedings of STAST 2011, pp. 1–8 (2011)
The Eclipse Foundation. Eclipse modeling framework project (emf). Lastchecked (March 2014)
The Eclipse Foundation. Gef (mvc). Lastchecked (March 2014)
Northover, S., Wilson, M.: Swt: the standard widget toolkit, vol. 1. Addison-Wesley Professional (2004)
Paja, E., Dalpiaz, F., Giorgini, P.: Managing security requirements conflicts in socio-technical systems. In: Proceedings of ER (2013) (to appear)
Paja, E., Dalpiaz, F., Poggianella, M., Roberti, P., Giorgini, P.: STS-Tool: socio-technical security requirements through social commitments. In: Proceedings of RE 2012, pp. 331–332 (2012)
Paja, E., Dalpiaz, F., Poggianella, M., Roberti, P., Giorgini, P.: STS-Tool: Using commitments to specify socio-technical security requirements. In: Proceedings of ER 2012 Workshops, pp. 396–399 (2012)
Paja, E., Dalpiaz, F., Poggianella, M., Roberti, P., Giorgini, P.: Specifying and reasoning over socio-technical security requirements with sts-tool. In: Proceedings of the 32nd International Conference on Conceptual Modeling, ER Workshops, pp. 504–507 (2013)
Singh, M.P.: An ontology for commitments in multiagent systems: Toward a unification of normative concepts. Artificial Intelligence and Law 7(1), 97–113 (1999)
Trösterer, S., Beck, E., Dalpiaz, F., Paja, E., Giorgini, P., Tscheligi, M.: Formative user-centered evaluation of security modeling: Results from a case study. International Journal of Secure Software Engineering 3(1), 1–19 (2012)
Vogel, L.: Building eclipse rcp applications based on eclipse 4 (2013), Revision history: Revision 0.1 - 6.9 February 14, 2009-July 4, 2013
Vogel, L.: Eclipse jface tree - tutorial (2013) Revision history: Revision 0.1-0.1-3.3 August 22, 2010-October 15, 2013
Xenos, S.: Inside the workbench a guide to the workbench internals (October 2005) (Lastchecked: March, 2014)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Paja, E., Poggianella, M., Dalpiaz, F., Roberti, P., Giorgini, P. (2014). Security Requirements Engineering with STS-Tool. In: Brucker, A.D., Dalpiaz, F., Giorgini, P., Meland, P.H., Rios, E. (eds) Secure and Trustworthy Service Composition. Lecture Notes in Computer Science, vol 8900. Springer, Cham. https://doi.org/10.1007/978-3-319-13518-2_7
Download citation
DOI: https://doi.org/10.1007/978-3-319-13518-2_7
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-13517-5
Online ISBN: 978-3-319-13518-2
eBook Packages: Computer ScienceComputer Science (R0)