A Methodological Approach to Evaluate Security Requirements Engineering Methodologies: Application to the IREHDO2 Project Context - Archive ouverte HAL Accéder directement au contenu
Article Dans Une Revue Journal of Cybersecurity and Privacy Année : 2021

A Methodological Approach to Evaluate Security Requirements Engineering Methodologies: Application to the IREHDO2 Project Context

Résumé

An effective network security requirement engineering is needed to help organizations in capturing cost-effective security solutions that protect networks against malicious attacks while meeting the business requirements. The diversity of currently available security requirement engineering methodologies leads security requirements engineers to an open question: How to choose one? We present a global evaluation methodology that we applied during the IREHDO2 project to find a requirement engineering method that could improve network security. Our evaluation methodology includes a process to determine pertinent evaluation criteria and a process to evaluate the requirement engineering methodologies. Our main contribution is to involve stakeholders (i.e., security requirements engineers) in the evaluation process by following a requirement engineering approach. We describe our experiments conducted during the project with security experts and the feedback we obtained. Although we applied it to evaluate three requirements engineering methods (KAOS, STS and SEPP) in the context of network security, our evaluation methodology can be instantiated in other contexts and other methods.

Dates et versions

hal-03323564 , version 1 (21-08-2021)

Identifiants

Citer

Romain Laborde, Sravani Teja Bulusu, Ahmad Samer Wazan, Arnaud Oglaza, Abdelmalek Benzekri. A Methodological Approach to Evaluate Security Requirements Engineering Methodologies: Application to the IREHDO2 Project Context. Journal of Cybersecurity and Privacy, 2021, 1 (3), pp.422-452. ⟨10.3390/jcp1030022⟩. ⟨hal-03323564⟩
65 Consultations
0 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More