Using the AMAN-DA method to generate security requirements: a case study in the maritime domain

Journal article

Souag, A., Mazo, R., Salinesi, C. and Comyn-Wattiau, I. 2018. Using the AMAN-DA method to generate security requirements: a case study in the maritime domain. Requirements Engineering Journal. 23 (557–580). https://doi.org/10.1007/s00766-017-0279-5
AuthorsSouag, A., Mazo, R., Salinesi, C. and Comyn-Wattiau, I.
Abstract

Security requirements are known to be “the most difficult of requirements types” and potentially the ones causing the greatest risk if they are not correct. One approach to requirements elicitation is based on the reuse of explicit knowledge. AMAN-DA is a requirement elicitation method that reuses encapsulated knowledge in security and domain ontologies to produce security requirements specifications. The main research question addressed in this paper is to what extent is AMAN-DA able to generate domain-specific security requirements? Following a well-documented process, a case study related to the maritime domain was undertaken with the goal to demonstrate the utility and effectiveness of AMAN-DA for the elicitation and analysis of domain-specific security requirements. The usefulness of the method was also evaluated with a group of 12 experts. The paper demonstrates the elicitation of domain-specific security requirements by presenting the AMAN-DA method and its application. It describes the evaluation and reports some significant results and their implications for practice and future research, especially for the field of knowledge reuse in requirements engineering.

KeywordsSecurity; Requirements engineering ; Domain; Ontologies; Case study
Year2018
JournalRequirements Engineering Journal
Journal citation23 (557–580)
PublisherSpringer
ISSN0947-3602
1432-010X
Digital Object Identifier (DOI)https://doi.org/10.1007/s00766-017-0279-5
Official URLhttps://link.springer.com/article/10.1007/s00766-017-0279-5
Publication dates
Online22 Sep 2017
PrintNov 2018
Publication process dates
Accepted04 Sep 2017
Deposited25 Oct 2023
Permalink -

https://repository.canterbury.ac.uk/item/961z4/using-the-aman-da-method-to-generate-security-requirements-a-case-study-in-the-maritime-domain

  • 13
    total views
  • 0
    total downloads
  • 1
    views this month
  • 0
    downloads this month

Export as

Related outputs

Design and implementation of a cost-aware and smart oyster mushroom cultivation system
Souag, A., Elewi, A., Hajhamed, A., Khankan, R., Duman, S. and Ahmed, A. 2024. Design and implementation of a cost-aware and smart oyster mushroom cultivation system. Smart Agricultural Technology. Volume 8. https://doi.org/10.1016/j.atech.2024.100439
Cancer: Investigating the impact of the implementation platform on machine learning models
Olowolayemo, A. S., Souag, A. and Sirlantzis, K. 2024. Cancer: Investigating the impact of the implementation platform on machine learning models. in: Mengoni, M. and Souag, A. (ed.) AIHealth 2024, The First International Conference on AI-Health ThinkMind.
Why should everybody learn Artificial Intelligence?
Turner, S. and Souag, A. 2022. Why should everybody learn Artificial Intelligence? ETD blog, Canterbury Christ church University
How can the semantic web and ontologies help history and archeology
Souag, A. 2019. How can the semantic web and ontologies help history and archeology. in: Dans les dédales du web. Historiens en territoires numériques Paris Éditions de la Sorbonne.
Reusable knowledge in security requirements engineering: a systematic mapping study
Souag, A., Mazo, R., Salinesi, C. and Comyn-Wattiau, I. 2016. Reusable knowledge in security requirements engineering: a systematic mapping study. Requirements Engineering Journal. 21 (251–283). https://doi.org/10.1007/s00766-015-0220-8
A security ontology for security requirements elicitation
Souag, A. and Salinesi C., Mazo R., Comyn-Wattiau I. 2015. A security ontology for security requirements elicitation. https://doi.org/10.1007/978-3-319-15618-7_13
AMAN-DA: A knowledge reuse based approach for domain specific security requirements engineering
Souag, A. 2015. AMAN-DA: A knowledge reuse based approach for domain specific security requirements engineering. PhD Thesis Université Paris 1 Panthéon-Sorbonne CRI - Centre de Recherche en Informatique de Paris 1
A methodology for defining security requirements using security and domain ontologies
Souag, A., Salinesi C. and Comyn-Wattiau I. 2013. A methodology for defining security requirements using security and domain ontologies. Insight. Volume 16 (4), pp. 14-16. https://doi.org/10.1002/inst.201316414
Ontologies for security requirements: a literature survey and classification’
Souag, A. and Salinesi C., Comyn-Wattiau I. 2012. Ontologies for security requirements: a literature survey and classification’. https://doi.org/10.1007/978-3-642-31069-0_5