Reusable knowledge in security requirements engineering: a systematic mapping study

Journal article


Souag, A., Mazo, R., Salinesi, C. and Comyn-Wattiau, I. 2016. Reusable knowledge in security requirements engineering: a systematic mapping study. Requirements Engineering Journal. 21 (251–283). https://doi.org/10.1007/s00766-015-0220-8
Authors: Souag, A., Mazo, R., Salinesi, C. and Comyn-Wattiau, I.
Abstract

Security is a concern that must be taken into consideration starting from the early stages of system development. Over the last two decades, researchers and engineers have developed a considerable number of methods for security requirements engineering. Some of them rely on the (re)use of security knowledge. Despite some existing surveys about security requirements engineering, there is not yet any reference for researchers and practitioners that presents in a systematic way the existing proposals, techniques, and tools related to security knowledge reuse in security requirements engineering. The aim of this paper is to fill this gap by looking into drawing a picture of the literature on knowledge and reuse in security requirements engineering. The questions we address are related to methods, techniques, modeling frameworks, and tools for and by reuse in security requirements engineering. We address these questions through a systematic mapping study. The mapping study was a literature review conducted with the goal of identifying, analyzing, and categorizing state-of-the-art research on our topic. This mapping study analyzes more than thirty approaches, covering 20 years of research in security requirements engineering. The contributions can be summarized as follows: (1) A framework was defined for analyzing and comparing the different proposals as well as categorizing future contributions related to knowledge reuse and security requirements engineering; (2) the different forms of knowledge representation and reuse were identified; and (3) previous surveys were updated. We conclude that most methods should introduce more reusable knowledge to manage security requirements.

Keywords: Reusability; Security requirements; Knowledge; Ontologies; Patterns; Templates
Year: 2016
Journal: Requirements Engineering Journal
Journal citation: 21 (251–283)
Publisher: Springer
ISSN: 0947-3602, 1432-010X
Digital Object Identifier (DOI): https://doi.org/10.1007/s00766-015-0220-8
Official URL: https://link.springer.com/article/10.1007/s00766-015-0220-8
Related URL: https://paris1.hal.science/hal-01133226/file/Reusable%20knowledge%20in%20SRE%20V15.pdf
Publication dates
Online: 25 Feb 2015
Print: Jun 2016
Publication process dates
Accepted: 14 Jan 2015
Deposited: 25 Oct 2023
Output status: Published
Permalink: https://repository.canterbury.ac.uk/item/961z5/reusable-knowledge-in-security-requirements-engineering-a-systematic-mapping-study

Related outputs

Design and implementation of a cost-aware and smart oyster mushroom cultivation system
Souag, A., Elewi, A., Hajhamed, A., Khankan, R., Duman, S. and Ahmed, A. 2024. Design and implementation of a cost-aware and smart oyster mushroom cultivation system. Smart Agricultural Technology. Volume 8. https://doi.org/10.1016/j.atech.2024.100439
Cancer: Investigating the impact of the implementation platform on machine learning models
Olowolayemo, A. S., Souag, A. and Sirlantzis, K. 2024. Cancer: Investigating the impact of the implementation platform on machine learning models. in: Mengoni, M. and Souag, A. (ed.) AIHealth 2024, The First International Conference on AI-Health ThinkMind.
Why should everybody learn Artificial Intelligence?
Turner, S. and Souag, A. 2022. Why should everybody learn Artificial Intelligence? ETD blog, Canterbury Christ Church University
How can the semantic web and ontologies help history and archeology
Souag, A. 2019. How can the semantic web and ontologies help history and archeology. in: Dans les dédales du web. Historiens en territoires numériques Paris Éditions de la Sorbonne.
Using the AMAN-DA method to generate security requirements: a case study in the maritime domain
Souag, A., Mazo, R., Salinesi, C. and Comyn-Wattiau, I. 2018. Using the AMAN-DA method to generate security requirements: a case study in the maritime domain. Requirements Engineering Journal. 23 (557–580). https://doi.org/10.1007/s00766-017-0279-5
A security ontology for security requirements elicitation
Souag, A. and Salinesi C., Mazo R., Comyn-Wattiau I. 2015. A security ontology for security requirements elicitation. https://doi.org/10.1007/978-3-319-15618-7_13
AMAN-DA: A knowledge reuse based approach for domain specific security requirements engineering
Souag, A. 2015. AMAN-DA: A knowledge reuse based approach for domain specific security requirements engineering. PhD Thesis Université Paris 1 Panthéon-Sorbonne CRI - Centre de Recherche en Informatique de Paris 1
A methodology for defining security requirements using security and domain ontologies
Souag, A., Salinesi C. and Comyn-Wattiau I. 2013. A methodology for defining security requirements using security and domain ontologies. Insight. Volume 16 (4), pp. 14-16. https://doi.org/10.1002/inst.201316414
Ontologies for security requirements: a literature survey and classification
Souag, A. and Salinesi C., Comyn-Wattiau I. 2012. Ontologies for security requirements: a literature survey and classification. https://doi.org/10.1007/978-3-642-31069-0_5