Security Alignment Analysis of Software Product Lines

Danilloo Sprovieri, Nikolaos Argyropoulos, Carine Souveyet, Raul Mazo, Haralambos Mouratidis, Andrew Fish

Research output: Chapter in Book/Conference proceeding with ISSN or ISBNConference contribution with ISSN or ISBN

Abstract

Context: Security is becoming increasingly important during software engineering. Software developers should be able to adapt and deploy secure systems in a continuously changing execution context. Method: We use Software Product Lines (SPLs), Business Process Management (BPM) and Security Requirements Engineering (SRE) techniques for anticipating the uncertainty and the changes of security requirements. Results: We provide a method to support developers to incorporate security in the design of SPLs systems. To avoid costly and extensive re-design of SPLs and BPs, we propose a methodology to analyse the strategic change impact of SPLs and BPs. The methodology supports the alignment of organizational strategy and execution level with an emphasis to security. Conclusions: This methodology constitutes a guideline to trace back the impact of change respecting security constraints of SPLs and BPs on different abstraction levels.

Original languageEnglish
Title of host publicationProceedings - 4th International Conference on Enterprise Systems
Subtitle of host publicationAdvances in Enterprise Systems, ES 2016
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages97-103
Number of pages7
ISBN (Electronic)9780769559841
DOIs
Publication statusPublished - 16 Mar 2017
Event4th International Conference on Enterprise Systems, ES 2016 - Melbourne, Australia
Duration: 2 Nov 20163 Nov 2016

Conference

Conference4th International Conference on Enterprise Systems, ES 2016
CountryAustralia
CityMelbourne
Period2/11/163/11/16

Fingerprint

Requirements engineering
Software engineering
Industry
Software
Alignment
Product line
Uncertainty
Methodology
Developer

Keywords

  • Business Process Management
  • Goal-oriented Requirements Engineering
  • Methodology
  • Software Product Lines

Cite this

Sprovieri, D., Argyropoulos, N., Souveyet, C., Mazo, R., Mouratidis, H., & Fish, A. (2017). Security Alignment Analysis of Software Product Lines. In Proceedings - 4th International Conference on Enterprise Systems: Advances in Enterprise Systems, ES 2016 (pp. 97-103). [7880478] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ES.2016.19
Sprovieri, Danilloo ; Argyropoulos, Nikolaos ; Souveyet, Carine ; Mazo, Raul ; Mouratidis, Haralambos ; Fish, Andrew. / Security Alignment Analysis of Software Product Lines. Proceedings - 4th International Conference on Enterprise Systems: Advances in Enterprise Systems, ES 2016. Institute of Electrical and Electronics Engineers Inc., 2017. pp. 97-103
@inproceedings{a4558428d06c4fafad968fd82e7d6e08,
title = "Security Alignment Analysis of Software Product Lines",
abstract = "Context: Security is becoming increasingly important during software engineering. Software developers should be able to adapt and deploy secure systems in a continuously changing execution context. Method: We use Software Product Lines (SPLs), Business Process Management (BPM) and Security Requirements Engineering (SRE) techniques for anticipating the uncertainty and the changes of security requirements. Results: We provide a method to support developers to incorporate security in the design of SPLs systems. To avoid costly and extensive re-design of SPLs and BPs, we propose a methodology to analyse the strategic change impact of SPLs and BPs. The methodology supports the alignment of organizational strategy and execution level with an emphasis to security. Conclusions: This methodology constitutes a guideline to trace back the impact of change respecting security constraints of SPLs and BPs on different abstraction levels.",
keywords = "Business Process Management, Goal-oriented Requirements Engineering, Methodology, Software Product Lines",
author = "Danilloo Sprovieri and Nikolaos Argyropoulos and Carine Souveyet and Raul Mazo and Haralambos Mouratidis and Andrew Fish",
year = "2017",
month = "3",
day = "16",
doi = "10.1109/ES.2016.19",
language = "English",
pages = "97--103",
booktitle = "Proceedings - 4th International Conference on Enterprise Systems",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

Sprovieri, D, Argyropoulos, N, Souveyet, C, Mazo, R, Mouratidis, H & Fish, A 2017, Security Alignment Analysis of Software Product Lines. in Proceedings - 4th International Conference on Enterprise Systems: Advances in Enterprise Systems, ES 2016., 7880478, Institute of Electrical and Electronics Engineers Inc., pp. 97-103, 4th International Conference on Enterprise Systems, ES 2016, Melbourne, Australia, 2/11/16. https://doi.org/10.1109/ES.2016.19

Security Alignment Analysis of Software Product Lines. / Sprovieri, Danilloo; Argyropoulos, Nikolaos; Souveyet, Carine; Mazo, Raul; Mouratidis, Haralambos; Fish, Andrew.

Proceedings - 4th International Conference on Enterprise Systems: Advances in Enterprise Systems, ES 2016. Institute of Electrical and Electronics Engineers Inc., 2017. p. 97-103 7880478.

Research output: Chapter in Book/Conference proceeding with ISSN or ISBNConference contribution with ISSN or ISBN

TY - GEN

T1 - Security Alignment Analysis of Software Product Lines

AU - Sprovieri, Danilloo

AU - Argyropoulos, Nikolaos

AU - Souveyet, Carine

AU - Mazo, Raul

AU - Mouratidis, Haralambos

AU - Fish, Andrew

PY - 2017/3/16

Y1 - 2017/3/16

N2 - Context: Security is becoming increasingly important during software engineering. Software developers should be able to adapt and deploy secure systems in a continuously changing execution context. Method: We use Software Product Lines (SPLs), Business Process Management (BPM) and Security Requirements Engineering (SRE) techniques for anticipating the uncertainty and the changes of security requirements. Results: We provide a method to support developers to incorporate security in the design of SPLs systems. To avoid costly and extensive re-design of SPLs and BPs, we propose a methodology to analyse the strategic change impact of SPLs and BPs. The methodology supports the alignment of organizational strategy and execution level with an emphasis to security. Conclusions: This methodology constitutes a guideline to trace back the impact of change respecting security constraints of SPLs and BPs on different abstraction levels.

AB - Context: Security is becoming increasingly important during software engineering. Software developers should be able to adapt and deploy secure systems in a continuously changing execution context. Method: We use Software Product Lines (SPLs), Business Process Management (BPM) and Security Requirements Engineering (SRE) techniques for anticipating the uncertainty and the changes of security requirements. Results: We provide a method to support developers to incorporate security in the design of SPLs systems. To avoid costly and extensive re-design of SPLs and BPs, we propose a methodology to analyse the strategic change impact of SPLs and BPs. The methodology supports the alignment of organizational strategy and execution level with an emphasis to security. Conclusions: This methodology constitutes a guideline to trace back the impact of change respecting security constraints of SPLs and BPs on different abstraction levels.

KW - Business Process Management

KW - Goal-oriented Requirements Engineering

KW - Methodology

KW - Software Product Lines

UR - http://www.scopus.com/inward/record.url?scp=85017303767&partnerID=8YFLogxK

U2 - 10.1109/ES.2016.19

DO - 10.1109/ES.2016.19

M3 - Conference contribution with ISSN or ISBN

AN - SCOPUS:85017303767

SP - 97

EP - 103

BT - Proceedings - 4th International Conference on Enterprise Systems

PB - Institute of Electrical and Electronics Engineers Inc.

ER -

Sprovieri D, Argyropoulos N, Souveyet C, Mazo R, Mouratidis H, Fish A. Security Alignment Analysis of Software Product Lines. In Proceedings - 4th International Conference on Enterprise Systems: Advances in Enterprise Systems, ES 2016. Institute of Electrical and Electronics Engineers Inc. 2017. p. 97-103. 7880478 https://doi.org/10.1109/ES.2016.19