Characterising and Analysing Security Requirements Modelling Initiatives

Abstract

With the continuously developing technology and growing complexity of software and systems, new demands and challenges appear for security, calling for new techniques and methods in addition to the already existing ones. The variety of initiatives and the variations in the characterizations makes it hard for users to select the most appropriate one for their needs. We propose a set of uniform characterizing dimensions with sub-categories for security requirements initiatives. The set is derived by analyzing classifications and comparison frameworks from review papers on modelling techniques for security requirements engineering. The dimensions can be used to guide context-dependent choices of initiatives and further research of their combination and integration.