Engineering safety- and security-related quality requirements

Małgorzata Stojek

Abstrakt

Safety- and security-related problems for software intensive systems are often due to poor or missing relevant engineering requirements. Although there is nothing really new in our presentation, specified problems and methods are well worth revisiting because they are still far from being widely recognized and put into industrial practice.

Inżynierskie wymagania jakościowe związane z bezpieczeństwem i ochroną

Streszczenie

W przypadku systemów intensywnie korzystających z oprogramowania problemy związane z bezpieczeństwem i ochroną są często wynikiem złych lub brakujących odpowiednich wymagań technicznych. Chociaż w niniejszym artykule nie ma poruszanych nowych zagadnień, określone problemy i metody są warte ponownego przeanalizowania, ponieważ wciąż są dalekie od powszechnego uznania i przeniesienia ich do praktyki przemysłowej. 

Słowa kluczowe: safety, security, software-intensive systems , bezpieczeństwo, ochrona, systemy intensywnie wykorzystujące oprogramowanie
References

[1] Nuseibeh B., Easterbrook S., Requirements engineering: A roadmap, [in:] Proc. Conf. ICSE ’00 The Future of Software Engineering, ACM New York, 2000, 35–46.

[2] Zave P., Classification of research efforts in requirements engineering, “ACM Computing Surveys”, Vol. 29(4)/1997, 315–321.

[3] Boehm B., Papaccio P., Understanding and controlling software costs, “IEEE Transactions on Software Engineering”, Vol. 14(10)/1988, 1462–1477.

[4] Mellado D., Blanco C., Sánchez L., Fernández-Medina E., A systematic review of security requirements engineering, “Computer Standards & Interfaces”, Vol. 32(4)/2010, 153–165.

[5] Firesmith D., Common concepts underlying safety, security, and survivability engineering, Technical Note CMU/SEI-2003-TN-033, Carnegie Mellon University 2003.

[6] Firesmith D., Engineering safety- and security-related requirements for software-intensive systems, [in:] Proc. ICSE’10 32nd ACM/IEEE Int. Conf. on Software Engineering, Vol. 2, 2010, 489–490.

[7] Brooks F., No silver bullet – essence and accident in software engineering, “IEEE Computer”, Vol. 20(4)/1987, 10–19.

[8] Firesmith, D., Specifying good requirements, “Journal of Object Technology”, Vol. 2(4)/2003, 77–87.

[9] Firesmith, D., Using quality models to engineer quality requirements, “Journal of Object Technology”, Vol. 2(5)/2003, 67–75.

[10] Firesmith, D., Engineering safety requirements, safety constraints, and safety-critical requirements, “Journal of Object Technology”, Vol. 3(3)/2004, 27–42.

[11] Firesmith D., Are your requirements complete?, “Journal of Object Technology”, Vol. 4(1)/2005, 27–43.

[12] Firesmith D., Common requirements problems, their negative consequences, and industry best practices to help solve them, “Journal of Object Technology”, Vol. 6(1)/2007, 17–33.

[13] Vilela J., Castro J., Martins L., Gorschek T., Integration between requirements engineering and safety analysis: A systematic literature review, “The Journal of Systems and Software”, Vol. 125/2017, 68–92.