Secure Application Development
Engineering requirements for high-assurance systems: a goal-oriented approach
High-assurance systems are software-intensive systems for which compelling evidence is required that the system delivers its services in a manner that satisfies certain critical properties such as safety, security, fault-tolerance and survivability. The elicitation, evaluation, specification, and analysis of software requirements for such properties are essential steps of the system development process. In particular, application-specific security concerns must be addressed from the earliest stages of the requirements engineering process. This first lecture introduces a systematic, goal-oriented approach to requirements engineering for high-assurance systems. The target of this approach is a complete, consistent, adequate, and structured set of software requirements and environment assumptions. The approach is model-based and partly relies on the use of formal specifications, when and where needed, for specific kinds of analyses. A method will be overviewed for building a multi-view system model that integrates system goals and their refinements; the conceptual objects concerned by those goals, together with their inter-relationships; the agents making up the system, their responsibilities, and their behaviors; and the operations that ensure the goals. Such a model allows us to highlight obstacles to goal satisfaction, including malicious obstacles set by attackers to obstruct security goals. Obstacles call for countermeasures to be integrated in the model, and such countermeasures yield new requirements for a more robust system.
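As an added illustration (not code from the lecture or its authors), the following Python sketch models the goal/agent/obstacle views the abstract describes and runs the two completeness checks a reviewer would want before accepting a requirements model: every leaf goal has a responsible agent, and every obstacle, malicious or not, has been resolved by a countermeasure that itself becomes a new goal. The goal, agent and obstacle names (a records system whose authentication goal faces stolen credentials) are constructed for the example.

```python
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class Obstacle:
    """A condition that obstructs a goal; 'malicious' marks one set by an attacker."""
    name: str
    malicious: bool = False
    countermeasures: List["Goal"] = field(default_factory=list)


@dataclass
class Goal:
    """A goal node. A leaf goal (no sub-goals) must be assigned to a responsible agent."""
    name: str
    refinement: str = "AND"            # "AND": all sub-goals needed; "OR": any alternative suffices
    subgoals: List["Goal"] = field(default_factory=list)
    agent: Optional[str] = None
    obstacles: List[Obstacle] = field(default_factory=list)


def check_model(root: Goal) -> List[str]:
    """Return the findings that make the model incomplete (an empty list means it passes)."""
    findings: List[str] = []

    def visit(goal: Goal) -> None:
        if goal.refinement not in ("AND", "OR"):
            findings.append(f"{goal.name}: unknown refinement {goal.refinement!r}")
        if not goal.subgoals and goal.agent is None:
            findings.append(f"{goal.name}: leaf goal has no responsible agent")
        for ob in goal.obstacles:
            if not ob.countermeasures:
                kind = "malicious obstacle" if ob.malicious else "obstacle"
                findings.append(f"{goal.name}: {kind} {ob.name!r} has no countermeasure")
            for cm in ob.countermeasures:
                visit(cm)      # a countermeasure is a new goal and is checked like any other
        for sub in goal.subgoals:
            visit(sub)

    visit(root)
    return findings


def build_model() -> Goal:
    """Constructed sample: the authentication goal faces a malicious obstacle
    that has not been resolved yet."""
    stolen = Obstacle("CredentialsStolen", malicious=True)
    auth = Goal("Achieve[UserAuthenticated]", agent="AuthServer", obstacles=[stolen])
    authz = Goal("Maintain[OnlyAuthorizedUsersRead]", agent="AccessControlService")
    return Goal("Achieve[ConfidentialRecordAccess]", subgoals=[auth, authz])


def resolve(obstacle: Obstacle, countermeasure: Goal) -> None:
    """Integrate a countermeasure into the model: it becomes a new requirement."""
    obstacle.countermeasures.append(countermeasure)


def hardened_model() -> Goal:
    """The same model after the obstacle is resolved by a second-factor goal (constructed)."""
    root = build_model()
    auth = root.subgoals[0]
    resolve(auth.obstacles[0], Goal("Achieve[SecondFactorVerified]", agent="AuthServer"))
    return root


if __name__ == "__main__":
    for finding in check_model(build_model()):
        print("finding:", finding)
    print("hardened model findings:", check_model(hardened_model()))
```

Running the script reports the unresolved malicious obstacle on the initial model and no findings on the hardened one; a countermeasure added without a responsible agent would be flagged in turn, which is what keeps the resulting requirement set complete rather than merely longer.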
Contents of the secappdev.org web site is licensed under a Creative Commons Attribution-Noncommercial 3.0 License.