Software requirements for complex projects often contain specifications of non-functional attributes (e.g., security-related features). Analyzing such requirements for standards compliance is laborious and error-prone. Because software requirements are inherently free-flowing, it is tempting to apply Natural Language Processing (NLP) and Machine Learning (ML) based techniques to analyze these documents. In this thesis, we propose a novel semi-automatic methodology that assesses the security requirements of the software system with respect to completeness and ambiguity, creating a bridge between the requirements documents and standards compliance. Security standards, e.g., those introduced by the ISO and OWASP, are ...
The primary goal of this research is to develop a structured object-oriented security requirements a...
Often security incidents that have the object or use the software as a means of causing serious dam...
This paper presents a model for structuring and reusing security requirements sources. The model ser...
Critical software vulnerabilities are often caused by incorrect, vague, or missing security requirem...
This systematic literature review (SLR) examines the current practices, challenges, proposed solutio...
Security can be informally defined as the freedom from the conditions that cause a loss of assets. S...
Abstract—Defects in requirements specifications can have severe consequences during the software dev...
Defects in requirement specifications can have severe consequences during the software development l...
We present a process to develop secure software with an extensive pattern-based security requirement...
The elaboration of requirements is a crucial step in the development of software-intensive security-...
Defects in requirements specifications can have severe consequences during the software development ...
We describe our ongoing research that centres on the application of natural language processing (NLP...
Context & motivation: More and more software projects today are security-related in one way or the o...
The engineering of a software system depends crucially upon the requirements specification of the sy...
Context: Security considerations are typically incorporated in the later stages of development as an...