Use cases are widely used for functional requirements elicitation. However, security non-functional requirements are often neglected in this requirements analysis process. As systems become increasingly complex current means of analysis will probably prove ineffective. In the safety domain a variety of effective analysis techniques have emerged over many years. Since the safety and security domains share many similarities, various authors have suggested that safety techniques might usefully find application in security. This paper takes one such technique, HAZOP, and applies it to one widely used functional requirement elicitation component, UML use cases, in order to provide systematic analysis of potential security issues at the start of system development. HAZOP, requirement analysis, security analysis, use case © Springer-Verlag 2004.
CITATION STYLE
Srivatanakul, T., Clark, J. A., & Polack, F. (2004). Effective security requirements analysis: HAZOP and use cases. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 3225, 416–427. https://doi.org/10.1007/978-3-540-30144-8_35
Mendeley helps you to discover research relevant for your work.