EEMCS EPrints Service
Vasenev, A. and Ionita, D. and Zoppi, T. and Ceccarelli, A. and Wieringa, R.J. (2017) Towards security requirements: Iconicity as a feature of an informal modeling language. In: REFSQ 2017 Joint Proceedings of the Co-Located Events: Joint Proceedings of REFSQ-2017 Workshops, 27 Feb 2017, Essen, Germany. pp. 1-15. CEUR Workshop Proceedings 1796. CEUR-WS.org. ISSN 1613-0073
Full text available as:
Self-adaptive systems need to be designed with respect to threats within their operating conditions. Identifying such threats during the design phase can benefit from the involvement of stakeholders. Using a system model, the stakeholders, who may neither be IT experts nor security experts, can identify threats as a first step towards formulating security requirements. To support it, the modeling language might possess adequate features to support this task. This paper investigates how iconic signs as a feature of an informal modeling language can contribute to eliciting security requirements by non-experts. Taking urban grid as a case, we relate benefits and specifics of using iconic signs to the two modeling challenges: i) reducing the cognitive complexity required to understand and model a system by non-experts, and ii) facilitating the threat identification activity using a system model. Outputs of three experiments suggest that iconic signs do assists in addressing the challenges.
Export this item as:
To correct this item please ask your editor
Repository Staff Only: edit this item