Title :
Security Driven Requirements Refinement and Exploration of Architecture with Multiple NFR Points of View
Author :
Okubo, Takanori ; Yoshioka, Nobukazu ; Kaiya, Haruhiko
Author_Institution :
Fujitsu Labs. Ltd., Kawasaki, Japan
Abstract :
Earlier software architecture design is essential particularly when it comes to security concerns, since security risks, requirements and architectures are all closely interrelated and interacting. We have proposed the security driven twin peaks method with a mutual refinement of the requirements, and architectures. However, there are multiple alternatives to an architecture design for initial requirements, and their choices depend on non-functional requirements (NFRs), such as security, performance, and cost which often largely change. We propose a new method we call TPM-SA2 to avoid any back-track in refinement. Each architectural alternative in TPM-SA2 is refined so that it aligns with the requirements. For each refinement, the requirements can be updated vice versa. TPM-SA2 enables us to predict the impacts on the NFRs by each candidate for the architecture, and choose the most appropriate one with respect to the impact. As a result, we can define the requirements and architectures, and estimated the development costs earlier than ever.
Keywords :
security of data; software architecture; TPM-SA2; initial requirements; multiple NFR points of view; nonfunctional requirements; security driven requirement exploration; security driven requirements refinement; security risks; software architecture design; Analytical models; Computer architecture; Estimation; Security; Spirals; Usability; requirement analysis; security; threat analysis; twin peaks;
Conference_Titel :
High-Assurance Systems Engineering (HASE), 2014 IEEE 15th International Symposium on
Conference_Location :
Miami Beach, FL
Print_ISBN :
978-1-4799-3465-2
DOI :
10.1109/HASE.2014.35
