A bi-directional analysis technique for software safety and software security

With the recent rapid development of software technology, safety-critical and security-critical software is playing a more important role in people\u27s lives. The importance of system safety and system security has promoted much research on systematic techniques to develop complete safety and security requirements. Among the techniques used in the analysis of the software safety, bi-directional analysis has shown promise in security requirement analysis. This method combines a forward search from potential failure modes to their effects with a backward search from feasible hazards to the contributing causes of each hazard. We use bi-directional analysis to investigate the requirements for two applications in the areas of safety analysis and security analysis. The two contributions of this work both involve the application of the bi-directional analysis and develop systematic methods to apply it to these two different types of non-functional requirements analysis. The first application is to construct a systematic safety requirements analysis technique for a smart door product line. The final results include a reusable safety analysis and the discovery of missing safety requirements. The second application investigates a systematic security requirements technique for a Delay Tolerant Network protocol called the Bundle Protocol. This work improves an existing security analysis technique by integrating it with the bi- directional analysis to demonstrate and challenge the correctness and completeness of the resulting security requirements specifications. We also report the discovery of missing security requirements and the remediation of the security requirements. Both applications explore the technique of applying bi-directional analysis to software safety analysis and software security analysis and find that the bi-directional analysis assists in finding incorrect and incomplete requirements