U.S. Flag Official website of the Department of Homeland Security
TLP:WHITE

Requirements Engineering

Presents best practices for security requirements engineering, including processes that are specific to eliciting, specifying, analyzing, and validating security requirements. Example processes include CLASP, SQUARE, and recent work by Nuseibeh et al. Specific techniques that are relevant to security requirements, such as development of misuse/abuse cases and attack trees and specification techniques such as SCR, are also discussed or referenced.

See also "Threat Modeling: Diving into the Deep End."

Title Updated datesort ascending
An Evaluation of Cost-Benefit Using Security Requirements Prioritization Methods 2013-08-05
The Common Criteria 2013-07-05
SQUARE Process 2013-07-05
Requirements Prioritization Case Study Using AHP 2013-07-05
"Requirements Elicitation Case Studies Using IBIS, JAD, and ARM" 2013-07-05
Introduction to the CLASP Process 2013-07-03
Requirements Engineering Annotated Bibliography 2013-05-21
Optimizing Investments in Security Countermeasures: A Practical Tool for Fixed Budgets 2013-05-13
Requirements Prioritization Introduction 2013-05-13
Requirements Elicitation Introduction 2013-05-13
Security Requirements Engineering 2010-07-14
Back to Top