Abstract
Interactions between software engineering and security requirements or engineering can be carried out in almost all software process phases, i.e. requirements analysis, design, implementation, verification, and deployment. In current information era, modern societies and emergent business increasingly rely on technology and communication. It becomes inevitable that every software system developed today must defend itself from malicious adversaries. Organizations used to adhere to well-defined and proved models for software development, but these models were originally proposed for functional requirements. The non-functional requirements don’t receive the same level of concern. Non-functional requirements address how the system should behave. It is understood that adding non-functional requirements after the system (functional) requirements and design are done is both difficult, expensive, and sometimes impossible. This paper comprehensively studies how security as a non-functional requirement is incorporated in the software development life-cycle. It shows how to unify the security policies with the development models earlier in development life cycle. The work accommodate any non-functional requirement but the case study is centred on security.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Cysneiros L, do Prado Leite J (2004) Nonfunctional requirements: from elicitation to conceptual models. IEEE Trans Softw Eng 30(5):328–350
Devanbu PT, Stubblebine S (2000) Software engineering for security: a roadmap. In: The future of software engineering. ACM Press, pp 227–239
Fei Y, Xiaodong Z (2007) An xml-based software non-functional requirements modeling method. In: ICEMI ’07. 8th International conference on electronic measurement and instruments, pp 2–375 -2-380, 16–18 July 2007
Franch X, Botella P (1998) Putting non-functional requirements into software architecture. In: 9th International workshop on software specification and design, pp 60–67
Giorgini P, Massacci F, Mylopoulos J (2003) Requirement engineering meets security: a case study on modelling secure electronic transactions by visa and mastercard. In: ER, pp 263–276
Haley C, Laney R, Moffett J, Nuseibeh B (2008) Security requirements engineering: a framework for representation and analysis. IEEE Trans Softw Eng 34(1):133–153
Jung HT, Lee GH (2010) A systematic software development process for non-functional requirements. In: 2010 International conference on information and communication technology convergence (ICTC), pp 431–436
JĂĽrjens J (2001) Towards development of secure systems using UMLsec. In: Hussmann H (ed) FASE 2001. LNCS, vol 2029. Springer, Heidelberg, p 187
Jürjens J (2002) UMLsec: extending UML for secure systems development. In: Jézéquel J-M, Hussmann H, Cook S (eds) UML 2002. LNCS, vol 2460. Springer, Heidelberg, p 412
Nunes F, Belchior A, Albuquerque A (2010) Security engineering approach to support software security. In: 2010 6th World congress on services (SERVICES-1), pp 48–55
Royce WW (1970) Managing the development of large software systems: concepts and techniques. In: ICSE ’87: Proceedings of the 9th international conference on software engineering. IEEE Computer Society Press, Los Alamitos, CA, USA, pp 328–338
Sommerville I (2011) Software engineering, vol 9/E. Addison-Wesley, New York
Umar M, Khan N (2011) Analyzing non-functional requirements (nfrs) for software development. In: 2011 IEEE 2nd International conference on software engineering and service science (ICSESS), pp 675–678
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Ragab, N., Ahmed, A., AlHashmi, S. (2015). Software Engineering for Security as a Non-functional Requirement. In: Abraham, A., Jiang, X., Snášel, V., Pan, JS. (eds) Intelligent Data Analysis and Applications. Advances in Intelligent Systems and Computing, vol 370. Springer, Cham. https://doi.org/10.1007/978-3-319-21206-7_29
Download citation
DOI: https://doi.org/10.1007/978-3-319-21206-7_29
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-21205-0
Online ISBN: 978-3-319-21206-7
eBook Packages: EngineeringEngineering (R0)