TY - GEN
T1 - System security requirements analysis with answer set programming
AU - Bibu, Gideon
AU - Yoshioka, Nobukazu
AU - Padget, Julian
PY - 2012
Y1 - 2012
N2 - The need for early consideration of security during system design and development cannot be over-emphasized, since this allows security features to be properly integrated into the system rather than added as patches later on. A necessary pre-requisite is the elicitation and analysis of the security requirements prior to system design. Existing methods for the security requirements phase, such as attack trees and misuse case analysis, use manual means for analysis, with which it is difficult to validate and analyse system properties exhaustively. We present a computational solution to this problem using an institutional (also called normative) specification to capture the requirements in the InstAL action language, which in turn is implemented in answer set programming (a kind of logic programming language). The result of solving the answer set program with respect to a set of events is a set of traces that capture the evolution of the model over time (as defined by the occurrence of events). Verification is achieved by querying the traces for specific system properties. Using a simple scenario, we show how any state of the system can be verified with respect to the events that brought about that state. We also demonstrate how the same traces enable: (i) identification of possible times and causes of security breaches and (ii) establishment of possible consequences of security violations.
AB - The need for early consideration of security during system design and development cannot be over-emphasized, since this allows security features to be properly integrated into the system rather than added as patches later on. A necessary pre-requisite is the elicitation and analysis of the security requirements prior to system design. Existing methods for the security requirements phase, such as attack trees and misuse case analysis, use manual means for analysis, with which it is difficult to validate and analyse system properties exhaustively. We present a computational solution to this problem using an institutional (also called normative) specification to capture the requirements in the InstAL action language, which in turn is implemented in answer set programming (a kind of logic programming language). The result of solving the answer set program with respect to a set of events is a set of traces that capture the evolution of the model over time (as defined by the occurrence of events). Verification is achieved by querying the traces for specific system properties. Using a simple scenario, we show how any state of the system can be verified with respect to the events that brought about that state. We also demonstrate how the same traces enable: (i) identification of possible times and causes of security breaches and (ii) establishment of possible consequences of security violations.
KW - answer set programming
KW - security requirements
KW - verification
UR - http://www.scopus.com/inward/record.url?scp=84871016409&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84871016409&partnerID=8YFLogxK
U2 - 10.1109/RES4.2012.6347689
DO - 10.1109/RES4.2012.6347689
M3 - Conference contribution
AN - SCOPUS:84871016409
SN - 9781467343794
T3 - 2012 2nd IEEE International Workshop on Requirements Engineering for Systems, Services, and Systems-of-Systems, RESS 2012 - Proceedings
SP - 10
EP - 13
BT - 2012 2nd IEEE International Workshop on Requirements Engineering for Systems, Services, and Systems-of-Systems, RESS 2012 - Proceedings
T2 - 2012 2nd IEEE International Workshop on Requirements Engineering for Systems, Services, and Systems-of-Systems, RESS 2012
Y2 - 25 September 2012 through 25 September 2012
ER -