Arguing security: validating security requirements using structured argumentation

This paper proposes using both formal and structured informal arguments to show that an eventual realized system can satisfy its security requirements. These arguments, called 'satisfaction arguments', consist of two parts: a formal argument based upon claims about domain properties, and a set of informal arguments that justify the claims. Building on our earlier work on trust assumptions and security requirements, we show how using satisfaction arguments assists in clarifying how a system satisfies its security requirements, in the process identifying those properties of domains that are critical to the requirements

An integrated framework for representing design history

Design is a difficult and complex process requiring; creativity, experience, domain knowledge, and problem solving skills. Much of the information that is used and generated during the design process is rarely explicitly recorded. This includes the reasons why design decisions were made. This information is commonly referred to as design rationale (DR). As a result many of the tasks that are performed during the design process are still poorly understood and modifications to designs can have unforeseen and possibly dangerous consequences. [Continues.

The treatment of non-functional requirements in MIKE

... this paper it is shown how non-functional requirements are modelled in MIKE, an approach to the development of knowledge-based systems. A semi-formal hypermedia-based model is used to describe the results of the elicitation and interpretation of non-functional requirements and their relationships. Non-functional requirements are the driving force behind the decisions taken in the design phase of MIKE. The impact of non-functional requirements on design decisions and interdependencies between design decisions are explicitly recorded in an additional model in MIKE, thus resulting in a rich documentation of the rationale of design decisions and also providing an important contribution to the traceability of these requirement

Arguing satisfaction of security requirements

This chapter presents a process for security requirements elicitation and analysis, based around the construction of a satisfaction argument for the security of a system. The process starts with the enumeration of security goals based on assets in the system, then uses these goals to derive security requirements in the form of constraints. Next, a satisfaction argument for the system is constructed, using a problem-centered representation, a formal proof to analyze properties that can be demonstrated, and structured informal argumentation of the assumptions exposed during construction of the argument. Constructing the satisfaction argument can expose missing and inconsistent assumptions about system context and behavior that effect security, and a completed argument provides assurances that a system can respect its security requirements

End-to-End Rationale Reconstruction

The logic behind design decisions, called design rationale, is very valuable. In the past, researchers have tried to automatically extract and exploit this information, but prior techniques are only applicable to specific contexts and there is insufficient progress on an end-to-end rationale information extraction pipeline. Here we outline a path towards such a pipeline that leverages several Machine Learning (ML) and Natural Language Processing (NLP) techniques. Our proposed context-independent approach, called Kantara, produces a knowledge graph representation of decisions and of their rationales, which considers their historical evolution and traceability. We also propose validation mechanisms to ensure the correctness of the extracted information and the coherence of the development process. We conducted a preliminary evaluation of our proposed approach on a small example sourced from the Linux Kernel, which shows promising results