Secure Tropos framework for software product lines requirements engineering

Daniel Mellado, Haralambos Mouratidis, Eduardo Fernandez-Medina

Research output: Contribution to journalArticlepeer-review


Security and requirements engineering are two of the most important factors of success in the development of a software product line (SPL) due to the complexity and extensive nature of them, given that a weakness in security can cause problems throughout the products of a product line. Goal-driven security requirements engineering approaches, such as Secure Tropos, have been proposed in the literature as a suitable paradigm for elicitation of security requirements and their analysis on both a social and a technical dimension. Nevertheless, on one hand, goal-driven security requirements engineering methodologies are not appropriately tailored to the specific demands of SPL, while on the other hand specific proposals of SPL engineering have traditionally ignored security requirements. This paper presents work that fills this gap by proposing “SecureTropos-SPL” framework, an extension to Secure Tropos to support SPL security requirements engineering which is based on security goals and driven by security risks.
Original languageEnglish
JournalComputer Standards & Interfaces
Issue number4
Publication statusPublished - 1 Jan 2014

Bibliographical note

© 2014. This manuscript version is made available under the CC-BY-NC-ND 4.0 license


  • Security requirements
  • Product lines
  • Requirements engineering
  • Security requirement engineering
  • Secure Tropos


Dive into the research topics of 'Secure Tropos framework for software product lines requirements engineering'. Together they form a unique fingerprint.

Cite this