MAR(S)2: Methodology to articulate the requirements for security In SCADA

Author

Gopal, Tanaya ; Subbaraju, Madhuri ; Joshi, Rajiv V. ; Dey, Shuvashis

Author_Institution

Sch. of Comput. Sci., Univ. of Manchester, Manchester, UK

fYear

2014

fDate

13-15 Aug. 2014

Firstpage

103

Lastpage

108

Abstract

Security requirement is an important aspect of system´s development. There are numerous security requirements methodologies, which have been developed till date. Research is still going on to improve or create new methodologies that will make a system as secure as possible. Asset management, risk assessment, validation of functional and non-functional security requirements and security requirements elicitation are some of the important part of a security requirements methodology. However most of the security requirements methodologies in use today such as SQUARE, UMLSec, Secure Tropos and CORAS fail to perform one or more of these functions. Additionally, very few methodologies focus on critical infrastructure industrial systems like SCADA. This paper introduces a methodology (MAR(S)2) that incorporates all the important functions, which will produce a strong methodology that produces a profound and well-defined security requirements for SCADA systems.

Keywords

SCADA systems; Unified Modeling Language; asset management; formal specification; risk management; security of data; CORAS; SCADA systems; SQUARE; Secure Tropos; UMLSec; asset management; critical infrastructure industrial systems; nonfunctional security requirements elicitation; risk assessment; security requirements methodology; Object oriented modeling; Risk management; SCADA systems; Security; Software; Unified modeling language; SCADA; requirements engineering; security;

fLanguage

English

Publisher

ieee

Conference_Titel

Innovative Computing Technology (INTECH), 2014 Fourth International Conference on

Conference_Location

Luton

Type

conf

DOI

10.1109/INTECH.2014.6927744

Filename

6927744