E-SCORE: A web-based tool for security requirements engineering

Hiba Hnaini; Raúl Mazo; Joël Champeau; Paola Vallejo; Jose Galindo

SoftwareX (May 2024)

E-SCORE: A web-based tool for security requirements engineering

Hiba Hnaini,
Raúl Mazo,
Joël Champeau,
Paola Vallejo,
Jose Galindo

Affiliations

Hiba Hnaini: ENSTA Bretagne, Brest, France; Corresponding author.
Raúl Mazo: ENSTA Bretagne, Brest, France
Joël Champeau: ENSTA Bretagne, Brest, France
Paola Vallejo: Universidad EAFIT, Medellín, Colombia
Jose Galindo: Dpto. de Lenguajes y Sistemas Inf., Sevilla, Spain

Journal volume & issue: Vol. 26
p. 101704

Abstract

Read online

As digital systems continue to grow in popularity, they also become more vulnerable to various forms of attacks with various motives, including financial gain and political influence. In response, engineers must consider system security from the design phase. However, defining security requirements at this stage can be challenging. To address this challenge, we propose E-SCORE, a web-based tool that streamlines the security requirements engineering process. E-SCORE implements the SCORE (Security Criteria Ontology for security Requirements Engineering) (i) to suggest security mechanisms and additional criteria to enhance security coverage and (ii) to facilitate security analysis of the system. An example of banking system usage is provided. Through our approach, we could define ten additional security requirements for a single requirement. Therefore, E-SCORE offers a valuable resource for engineers to ensure the security of digital systems across various domains.

Published in SoftwareX

ISSN: 2352-7110 (Online)
Publisher: Elsevier
Country of publisher: Netherlands
LCC subjects: Science: Mathematics: Instruments and machines: Electronic computers. Computer science: Computer software
Website: http://www.journals.elsevier.com/softwarex/

About the journal

Abstract

Keywords