Abstract
Security is nowadays an indispensable requirement in software systems. Traditional software engineering processes focus primarily on business requirements, leaving security as an afterthought to be addressed via generic "patched-on" defensive mechanisms. This approach is insufficient: software systems need security functionality engineered in, in the same fashion as ordinary business functional requirements. Functional security requirements need to be elicited, analyzed, specified and validated at the early stages of the development life cycle. If the functional security requirements are not properly validated, there is a risk of developing a system that is insecure, rendering it unusable. Acceptance testing is an effective technique to validate requirements. However, an ad hoc approach to developing acceptance tests risks omitting important tests. This paper presents a systematic approach to developing executable acceptance tests that is specifically geared to model-based secure software engineering processes. The approach utilizes early-stage artifacts, namely misuse case and domain models, and robustness diagrams. The feasibility of the proposed approach is demonstrated by applying it to a real-world system. The results show that a comprehensive set of security acceptance tests can be developed from misuse case models for early-stage validation of functional security requirements.
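As an added illustration of the idea in the abstract (this is not the paper's method, template, or code): a misuse case describes what a misuser does to a threatened use case, and the security use case that mitigates it states what the system must observably do instead. Both can be captured as data and turned into an executable acceptance test that runs against the system under test. The login service, the lockout policy of three failed attempts, the misuse case "Guess password by repeated attempts" and the user/password values are all constructed for this example; the `lockout` switch exists only so the same test can be shown passing against a system with the mitigation and failing against one without it.

```python
"""Executable security acceptance test derived from a misuse case (constructed example)."""
from dataclasses import dataclass, field

MAX_FAILED_ATTEMPTS = 3  # assumed policy stated by the mitigating security use case


@dataclass
class LoginService:
    """Toy system under test (constructed): password login with optional account lockout."""
    passwords: dict
    lockout: bool = True                      # False models a build without the mitigation
    failed: dict = field(default_factory=dict)
    locked: set = field(default_factory=set)

    def login(self, user: str, password: str) -> str:
        if user in self.locked:
            return "locked"
        if self.passwords.get(user) == password:
            self.failed[user] = 0
            return "ok"
        self.failed[user] = self.failed.get(user, 0) + 1
        if self.lockout and self.failed[user] >= MAX_FAILED_ATTEMPTS:
            self.locked.add(user)
            return "locked"
        return "denied"


@dataclass
class MisuseCase:
    """Structured misuse case (constructed format, not the paper's template)."""
    name: str
    threatens: str           # the use case the misuser attacks
    mitigated_by: str        # the security use case that counters it
    misuser_steps: list      # (user, password) attempts made by the misuser
    expected_outcomes: list  # outcome the mitigated system must show at each step


def derive_acceptance_test(mc: MisuseCase):
    """Turn a misuse case plus its mitigation into an executable acceptance test."""
    def run(system: LoginService) -> dict:
        actual = [system.login(user, pw) for user, pw in mc.misuser_steps]
        return {
            "test": f"{mc.name} / mitigated by: {mc.mitigated_by}",
            "passed": actual == mc.expected_outcomes,
            "expected": mc.expected_outcomes,
            "actual": actual,
        }
    return run


# Constructed misuse case: the fourth attempt is the correct password, but the
# account must already be locked by then if the mitigation is implemented.
BRUTE_FORCE = MisuseCase(
    name="Guess password by repeated attempts",
    threatens="Log in",
    mitigated_by="Lock account after repeated failures",
    misuser_steps=[("alice", "guess1"), ("alice", "guess2"),
                   ("alice", "guess3"), ("alice", "s3cret")],
    expected_outcomes=["denied", "denied", "locked", "locked"],
)


def make_system(lockout: bool = True) -> LoginService:
    return LoginService(passwords={"alice": "s3cret", "bob": "hunter2"}, lockout=lockout)


def run_suite(lockout: bool = True) -> dict:
    """Run the misuse-case test and a regression check on the threatened use case."""
    misuse_result = derive_acceptance_test(BRUTE_FORCE)(make_system(lockout))
    # The mitigation must not break the normal "Log in" use case for other users.
    normal_ok = make_system(lockout).login("bob", "hunter2") == "ok"
    return {"misuse_case": misuse_result, "normal_use_case_ok": normal_ok}


if __name__ == "__main__":
    for lockout in (True, False):
        r = run_suite(lockout)
        print(f"lockout={lockout}: {r['misuse_case']['test']} -> "
              f"passed={r['misuse_case']['passed']} actual={r['misuse_case']['actual']}")
```

Running the suite against the build with lockout enabled passes; against the build without it, the same test fails on the third and fourth steps (the misuser is merely denied and then logs in), which is exactly the omission an early-stage acceptance test is meant to surface.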
Acknowledgments
The authors would like to acknowledge the support provided by the Deanship of Scientific Research (DSR) at King Fahd University of Petroleum and Minerals (KFUPM) for funding this work through project No. IN111028.
Cite this article
El-Attar, M., Abdul-Ghani, H.A. Using security robustness analysis for early-stage validation of functional security requirements. Requirements Eng 21, 1–27 (2016). https://doi.org/10.1007/s00766-014-0208-9