An Agile Framework for Security Requirements: A Preliminary Investigation

Abstract

Requirements engineering (RE) is a crucial component in successful software development process. The idea of embedding the non-functional requirements (NFRs) such as performance, maintainability, modifiability, and others into a new software system is often implemented by software engineers. However, security as a crucial NFR is often ignored in the software development process. In this paper we address the importance of security as a NFR in the software development process. To that end, we propose a lightweight novel agile framework to analyze security requirements. We evaluate the proposed framework with a qualitative analysis and determine how it is useful to requirement analysts.