BERT-Based Secure and Smart Management System for Processing Software Development Requirements from Security Perspective

Abstract

Software requirements management is the first and essential stage for software development practices, from all perspectives, including the security of software systems. Work here focuses on enabling software requirements managers with all the information to help build streamlined software requirements. The focus is on ensuring security which is addressed in the requirements management phase rather than leaving it late in the software development phases. The approach is proposed to combine useful knowledge sources like customer conversation, industry best practices, and knowledge hidden within the software development processes. The financial domain and agile models of development are considered as the focus area for the study. Bidirectional encoder representation from transformers (BERT) is used in the proposed architecture to utilize its language understanding capabilities. Knowledge graph capabilities are explored to bind together the knowledge around industry sources for security practices and vulnerabilities. These information sources are being used to ensure that the requirements management team is updated with critical information. The architecture proposed is validated in light of the financial domain that is scoped for this proposal. Transfer learning is also explored to manage and reduce the need for expensive learning expected by these machine learning and deep learning models. This work will pave the way to integrate software requirements management practices with the data science practices leveraging the information available in the software development ecosystem for better requirements management.