From goal‐driven security requirements engineering to secure design

Security of intelligent software systems is an important area of research. Although security is traditionally considered a technical issue; security is, in fact, a two‐dimensional problem, which involves technical as well as social challenges. Goal‐driven requirements engineering (GDRE) has been proposed in the literature as a suitable paradigm for the analysis of security issues and elicitation of security requirements at both the social and technical level. Nevertheless, there is lack of approaches, which would support the successful transformation of the elicited, using GDRE approaches, security requirements to design. This paper presents work that fills this gap. The presented approach, which is based on the integration of a goal‐driven security requirements engineering (GDSRE) methodology and a model‐based security engineering (MBSE) method, has some important features: (1) It provides a structured process to translate the results of the GDSRE method to a design, which satisfies these requirements; (2) it allows the simultaneous elicitation and analysis of the security requirements and the functional requirements of the system; (3) it allows consideration of both the social and the technical dimensions of the system's security; (4) it guides software engineers toward a design that is amenable to formal verification with the aid of automated tools. We demonstrate the applicability of the proposed approach at the hand of an application to the electronic purse standard common electronic purse specifications (released by Visa International and others). © 2010 Wiley Periodicals, Inc.