TY - GEN
T1 - Verifying security requirements using model checking technique for UML-based requirements specification
AU - Aoki, Yoshitaka
AU - Matsuura, Saeko
N1 - Publisher Copyright:
© 2014 IEEE.
PY - 2014/9/23
Y1 - 2014/9/23
N2 - Use case analysis is known to be an effective method to clarify functional requirements. Security requirements such as access or information control tend to increase the complexity of functional requirements, and therefore, need to be correctly implemented to minimize risks. However, general developers find it difficult to correctly specify adequate security requirements during the initial phases of the software development process. We propose a method to verify security requirements whose specifications are based on Unified Modeling Language (UML) using the model checking technique and Common Criteria security knowledge. Common Criteria assists in defining adequate security requirements in the form of a table. This helps developers verify whether UML-based requirements analysis models meet those requirements in the early stages of software development. The UML model and the table are transformed into a finite automaton in the UPPAAL model checking tool.
AB - Use case analysis is known to be an effective method to clarify functional requirements. Security requirements such as access or information control tend to increase the complexity of functional requirements, and therefore, need to be correctly implemented to minimize risks. However, general developers find it difficult to correctly specify adequate security requirements during the initial phases of the software development process. We propose a method to verify security requirements whose specifications are based on Unified Modeling Language (UML) using the model checking technique and Common Criteria security knowledge. Common Criteria assists in defining adequate security requirements in the form of a table. This helps developers verify whether UML-based requirements analysis models meet those requirements in the early stages of software development. The UML model and the table are transformed into a finite automaton in the UPPAAL model checking tool.
KW - Access Control
KW - Common Criteria
KW - Model Checking
KW - Security Requirements
KW - UML
KW - Verification
UR - http://www.scopus.com/inward/record.url?scp=84908637078&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84908637078&partnerID=8YFLogxK
U2 - 10.1109/RET.2014.6908674
DO - 10.1109/RET.2014.6908674
M3 - Conference contribution
AN - SCOPUS:84908637078
T3 - 2014 IEEE 1st International Workshop on Requirements Engineering and Testing, RET 2014 - Proceedings
SP - 18
EP - 25
BT - 2014 IEEE 1st International Workshop on Requirements Engineering and Testing, RET 2014 - Proceedings
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2014 IEEE 1st International Workshop on Requirements Engineering and Testing, RET 2014
Y2 - 26 August 2014 through 26 August 2014
ER -