Title:
Security Driven Requirements Refinement and Exploration of Architecture with multiple NFR points of view
Author(s):
Takao Okubo, Nobukazu Yoshioka, and Haruhiko Kaiya.
Source:
In 2014 IEEE 15th International Symposium on High-Assurance Systems Engineering (HASE 2014), pp. 201-205, Miami, Florida, USA, 9-11 Jan. 2014. IEEE Computer Society, CPS.
Abstract:
Earlier software architecture design is essential
particularly when it comes to security concerns, since security
risks, requirements and architectures are all closely interrelated
and interacting. We have proposed the security driven twin
peaks method with a mutual refinement of the requirements,
and architectures. However, there are multiple alternatives to
an architecture design for initial requirements, and their choices
depend on non-functional requirements (NFRs), such as security,
performance, and cost which often largely change. We propose
a new method we call TPM-SA2 to avoid any back-track in
refinement. Each architectural alternative in TPM-SA2 is refined
so that it aligns with the requirements. For each refinement, the
requirements can be updated vice versa. TPM-SA2 enables us
to predict the impacts on the NFRs by each candidate for the
architecture, and choose the most appropriate one with respect
to the impact. As a result, we can define the requirements and
architectures, and estimated the development costs earlier than
ever.
Related Paper(s):