Dimitrios Tsoukalas, Miltiadis Siavvas, Maria Mathioudaki and Dionysios Kehagias, Centre for Research and Technology Hellas, Author at IoTAC https://iotac.eu/author/tsoukjiti-gr/ Internet of Things Access Control Tue, 15 Feb 2022 20:21:49 +0000 en-US hourly 1 https://wordpress.org/?v=6.2.9 https://iotac.eu/wp-content/uploads/2020/11/cropped-favicon-32x32.jpg Dimitrios Tsoukalas, Miltiadis Siavvas, Maria Mathioudaki and Dionysios Kehagias, Centre for Research and Technology Hellas, Author at IoTAC https://iotac.eu/author/tsoukjiti-gr/ 32 32 Tsoukalas D, Siavvas M, Mathioudaki M, Kehagias D. 2021. An Ontology-based Approach for Automatic Specification, Verification, and Validation of Software Security Requirements: Preliminary Results. 21st International Conference on Software Quality, Reliability and Security (IEEE QRS). https://iotac.eu/tsoukalas-d-siavvas-m-mathioudaki-m-kehagias-d-2021-an-ontology-based-approach-for-automatic-specification-verification-and-validation-of-software-security-requirements-preliminary-results-21/ https://iotac.eu/tsoukalas-d-siavvas-m-mathioudaki-m-kehagias-d-2021-an-ontology-based-approach-for-automatic-specification-verification-and-validation-of-software-security-requirements-preliminary-results-21/#respond Tue, 07 Dec 2021 20:08:17 +0000 https://iotac.eu/?p=9067 The post Tsoukalas D, Siavvas M, Mathioudaki M, Kehagias D. 2021. An Ontology-based Approach for Automatic Specification, Verification, and Validation of Software Security Requirements: Preliminary Results. 21st International Conference on Software Quality, Reliability and Security (IEEE QRS). appeared first on IoTAC.

]]>
Download

Conference:
21st IEEE International Conference on Software Quality, Reliability and Security (QRS 2021)

Authors:
Tsoukalas D, Siavvas M, Mathioudaki M, Kehagias D.

Abstract:
Critical software vulnerabilities are often caused by incorrect, vague, or missing security requirements. Hence, there is a strong need in the software engineering community for tools that facilitate software engineers in eliciting and evaluating security requirements. Although several methods have been proposed for specifying, verifying, and validating security requirements, they require a lot of manual effort by requirement engineers, which hinders their practicality. To this end, we introduce a software security requirements specification mechanism, able to automatically identify the main concepts of a given set of security requirements expressed in natural language. Our mechanism applies syntactic and semantic analysis in order to transform requirements into appropriately structured ontology objects. We also propose a software security requirements verification and validation mechanism, which compares a given security requirement to a curated list of well-defined security requirements based on similarity checks, identifies inconsistencies, and proposes refinements. Both of the proposed mechanisms comprise standalone tools, implemented in the form of web services.
The capabilities of the proposed mechanisms are demonstrated through a set of test cases.

The post Tsoukalas D, Siavvas M, Mathioudaki M, Kehagias D. 2021. An Ontology-based Approach for Automatic Specification, Verification, and Validation of Software Security Requirements: Preliminary Results. 21st International Conference on Software Quality, Reliability and Security (IEEE QRS). appeared first on IoTAC.

]]> https://iotac.eu/tsoukalas-d-siavvas-m-mathioudaki-m-kehagias-d-2021-an-ontology-based-approach-for-automatic-specification-verification-and-validation-of-software-security-requirements-preliminary-results-21/feed/ 0