Security Requirements as Code: Example from VeriDevOps Project

Khaled Ismaeel, Alexandr Naumchev, Andrey Sadovykh, Dragos Truscan, Eduard Paul Enoiu, Cristina Seceleanu

Research output: Chapter in Book/Conference proceedingConference contributionScientificpeer-review

Abstract

This position paper presents and illustrates the concept of security requirements as code - a novel approach to security requirements specification. The aspiration to minimize code duplication and maximize its reuse has always been driving the evolution of software development approaches. Object-Oriented programming (OOP) takes these approaches to the state in which the resulting code conceptually maps to the problem that the code is supposed to solve. People nowadays start learning to program in the primary school. On the other hand, requirements engineers still heavily rely on natural language based techniques to specify requirements. The key idea of this paper is: artifacts produced by the requirements process should be treated as input to the regular object-oriented analysis. Therefore, the contribution of this paper is the presentation of the major concepts for the security requirements as the code method that is illustrated with a real industry example from the VeriDevOps project.

Original languageEnglish
Title of host publicationProceedings - 29th IEEE International Requirements Engineering Conference Workshops, REW 2021
EditorsTao Yue, Mehdi Mirakhorli
PublisherIEEE Computer Society
Pages357-363
Number of pages7
ISBN (Electronic)9781665418980
DOIs
Publication statusPublished - Sep 2021
MoE publication typeA4 Article in a conference publication
Event29th IEEE International Requirements Engineering Conference Workshops, REW 2021 - Virtual, Notre Dame, United States
Duration: 20 Sep 202124 Sep 2021

Publication series

NameProceedings of the IEEE International Conference on Requirements Engineering
Volume2021-September
ISSN (Print)1090-705X
ISSN (Electronic)2332-6441

Conference

Conference29th IEEE International Requirements Engineering Conference Workshops, REW 2021
Country/TerritoryUnited States
CityVirtual, Notre Dame
Period20/09/2124/09/21

Keywords

  • development
  • requirements as code
  • seamless
  • security
  • software

Fingerprint

Dive into the research topics of 'Security Requirements as Code: Example from VeriDevOps Project'. Together they form a unique fingerprint.

Cite this