Abstract
Identifying threats and risks to complex systems often requires some form of brainstorming. In addition, eliciting security requirements involves making traceable decisions about which risks to mitigate and how. The complexity and dynamics of modern socio-technical systems mean that their security cannot be formally proven. Instead, some researchers have turned to modeling the claims underpinning a risk assessment and the arguments which support security decisions. As a result, several argumentation-based risk analysis and security requirements elicitation frameworks have been proposed. These draw upon existing research in decision making and requirements engineering. Some provide tools to graphically model the underlying argumentation structures, with varying degrees of granularity and formalism. In this paper, we compare these approaches, discuss their applicability and suggest avenues for future research. We find that the core of existing security argumentation frameworks are the links between threats, risks, mitigations and system components. Graphs - a natural representation for these links - are used by many graphical security argumentation tools. But, in order to be human-readable, the graphical models of these graphs need to be both scalable and easy to understand. Therefore, in order to facilitate adoption, both the creation and exploration of these graphs need to be streamlined.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Adelard Safety Case Development (ASCAD) Manual, London, UK (2010)
Beel, J., Langer, S.: An exploratory analysis of mind maps. In: Proceedings of the 11th ACM Symposium on Document Engineering, pp. 81–84. ACM (2011)
Bloomfield, R.E., Guerra, S., Miller, A., Masera, M., Weinstock, C.B.: International working group on assurance cases (for security). IEEE Secur. Priv. 4(3), 66–68 (2006)
Breaux, T.D., Baumer, D.L.: Legally “reasonable” security requirements: a 10-year FTC retrospective. Comput. Secur. 30(4), 178–193 (2011)
Buckingham Shum, S.: The Roots of Computer Supported Argument Visualization, pp. 3–24. Springer, London (2003)
Campbell-Kelly, M.: The History of Mathematical Tables: From Sumer to Spreadsheets. Oxford University Press, Oxford (2003)
Cleland, G.M., Habli, I., Medhurst, J.: Evidence: Using Safety Cases in Industry and Healthcare. The Health Foundation, London (2012)
Cyra, L., Górski, J.: Support for argument structures review and assessment. Reliab. Eng. Syst. Saf. 96(1), 26–37 (2011). Special Issue on Safecomp 2008
Defence standard 00-56 issue 4 (part 1): Safety management requirements for defence systems, July 2007
Emmet, L.: Using claims, arguments and evidence: a pragmatic view-and tool support in ASCE. www.adelard.com
Eppler, M.J.: A comparison between concept maps, mind maps, conceptual diagrams, and visual metaphors as complementary tools for knowledge construction and sharing. Inf. Vis. 5(3), 202–210 (2006)
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). Off. J. Eur. Union L119/59, 1–88, May 2016. http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=OJ:L:2016:119:TOC
Firesmith, D.G.: Analyzing and specifying reusable security requirements. Technical report DTIC Document (2003)
Fischer, G., Lemke, A.C., McCall, R., Morch, A.I.: Making argumentation serve design. Hum.-Comput. Interact. 6(3), 393–419 (1991)
Franqueira, V.N.L., Tun, T.T., Yu, Y., Wieringa, R., Nuseibeh, B.: Risk and argument: a risk-based argumentation method for practical security. In: RE, pp. 239–248. IEEE (2011)
Gold, J.: Data breaches and computer hacking: liability & insurance issues. American Bar Association’s Government Law Committee Newsletter Fall (2011)
Goodwin, J., Fisher, A.: Wigmore’s chart method. Inf. Logic 20(3), 223–243 (2000)
Górski, J., Jarz̧bowicz, A., Leszczyna, R., Miler, J., Olszewski, M.: Trust case justifying trust in an it solution. Reliab. Eng. Syst. Saf. 89(1), 33–47 (2005)
Haley, C., Laney, R., Moffett, J., Nuseibeh, B.: Security requirements engineering: a framework for representation and analysis. IEEE Trans. Soft. Eng. 34(1), 133–153 (2008)
Haley, C.B., Laney, R., Moffett, J.D., Nuseibeh, B.: Arguing satisfaction of security requirements. In: Integrating Security and Software Engineering: Advances and Future Visions, pp. 16–43 (2006)
Haley, C.B., Moffett, J.D., Laney, R., Nuseibeh, B.: Arguing security: validating security requirements using structured argumentation. In: Proceedings of Third Symposium on Requirements Engineering for Information Security (SREIS 2005) held in conjunction with the 13th International Requirements Engineering Conference (RE 2005) (2005)
Ionita, D., Bullee, J.W., Wieringa, R.J.: Argumentation-based security requirements elicitation: the next round. In: 2014 IEEE 1st Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE), pp. 7–12. Springer, Heidelberg, August 2014
Ionita, D., Kegel, R., Baltuta, A., Wieringa, R.: Arguesecure: out-of-the-box security risk assessment. In: 2016 IEEE 24th International Requirements Engineering Conference Workshops (REW), pp. 74–79, September 2016
Kelly, T., Weaver, R.: The goal structuring notation - a safety argument notation. In: Proceedings of Dependable Systems and Networks 2004 Workshop on Assurance Cases (2004)
Kelly, T.P.: Arguing Safety: A Systematic Approach to Managing Safety Cases. University of York, York (1999)
Lee, J., Lai, K.Y.: What’s in design rationale? Hum.-Comput. Interact. 6(3–4), 251–280 (1991)
Liao, S.H.: Expert system methodologies and applications - a decade review from 1995 to 2004. Exp. Syst, Appl. 28(1), 93–103 (2005)
Maclean, A., Young, R.M., Moran, T.P.: Design rationale: the argument behind the artefact. In: Proceedings of the Computer Human Interaction conference (CHI) (1989)
Markham, K.M., Mintzes, J.J., Jones, M.G.: The concept map as a research and evaluation tool: further evidence of validity. J. Res. Sci. Teach. 31(1), 91–101 (1994)
Mosier, K.L.: Myths of expert decision making and automated decision aids. In: Naturalistic Decision Making, pp. 319–330 (1997)
Mylopoulos, J., Borgida, A., Jarke, M., Koubarakis, M.: Telos: representing knowledge about information systems. ACM Trans. Inf. Syst. (TOIS) 8(4), 325–362 (1990)
Park, J.S., Montrose, B., Froscher, J.N.: Tools for information security assurance arguments. In: Proceedings of the DARPA Information Survivability Conference, DISCEX 2001, vol. 1, pp. 287–296 (2001)
Polikar, R.: Ensemble based systems in decision making. IEEE Circ. Syst. Mag. 6(3), 21–45 (2006)
Prakken, H.: An abstract framework for argumentation with structured arguments. Argument Comput. 1, 93–124 (2010)
Prakken, H., Ionita, D., Wieringa, R.: Risk assessment as an argumentation game. In: Leite, J., Son, T.C., Torroni, P., van der Torre, L., Woltran, S. (eds.) CLIMA 2013. LNCS (LNAI), vol. 8143, pp. 357–373. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40624-9_22
Rowe, J., Levitt, K., Parsons, S., Sklar, E., Applebaum, A., Jalal, S.: Argumentation logic to assist in security administration. In: Proceedings of the 2012 New Security Paradigms Workshop, NSPW 2012, pp. 43–52. ACM, New York (2012)
Rushby, J.: The interpretation and evaluation of assurance cases. SRI International, Menlo Park, CA, USA (2015)
Shum, S.J.B., MacLean, A., Bellotti, V.M.E., Hammond, N.V.: Graphical argumentation and design cognition. Hum.-Comput. Interact. 12(3), 267–300 (1997)
Sindre, G., Opdahl, A.L.: Eliciting security requirements with misuse cases. Requirements Eng. 10(1), 34–44 (2005)
Toulmin, S., Rieke, R., Janik, A.: An Introduction to Reasoning. Macmillan, Basingstoke (1979)
Toulmin, S.E.: The Uses of Argument. Cambridge University Press, Cambridge (1958)
Yu, Y., Tun, T.T., Tedeschi, A., Franqueira, V.N.L., Nuseibeh, B.: Openargue: supporting argumentation to evolve secure software systems. In: 2011 IEEE 19th International Requirements Engineering Conference, pp. 351–352, August 2011
Yu, Y., Franqueira, V.N.L., Tun, T.T., Wieringa, R., Nuseibeh, B.: Automated analysis of security requirements through risk-based argumentation. J. Syst. Soft. 106, 102–116 (2015)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Ionita, D., Ford, M., Vasenev, A., Wieringa, R. (2018). Graphical Modeling of Security Arguments: Current State and Future Directions. In: Liu, P., Mauw, S., Stolen, K. (eds) Graphical Models for Security. GraMSec 2017. Lecture Notes in Computer Science(), vol 10744. Springer, Cham. https://doi.org/10.1007/978-3-319-74860-3_1
Download citation
DOI: https://doi.org/10.1007/978-3-319-74860-3_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-74859-7
Online ISBN: 978-3-319-74860-3
eBook Packages: Computer ScienceComputer Science (R0)