We present a pattern system/or security requirements engineering, consisting of problem frames and concretized frames. These are special kinds that serve to structure, characterize, analyze, finally solve software development problems in the area system security. equip each frame with formal preconditions postconditions. The analysis these conditions results explicitly shows dependencies between different Moreover, we indicate related frames, which commonly used together considered frame....

The released ISO 26262 standard requires a hazard analysis and risk assessment for automotive systems to determine the necessary safety measures be implemented certain feature. In this paper, we present structured model-based method systems. are based on requirements engineering process using problem frames. Their elements represented by UML notation extended with stereotypes. model enables rigorous validation of several constraints expressed in OCL. We illustrate our an electronic steering...

Problem frames provide a characterisation and classification of software development problems. Fitting problem to an appropriate frame should not only help understand it, but also solve the (the idea being that, once adequate is identified, then associated method be available). The authors propose architectural patterns corresponding different that may serve as starting point for construction solving given problem. It shown these exactly reflect properties problems fitting frame, they can...

We present UML4PF, a tool for requirements analysis based on problem frames. It consists of UML profile and an Eclipse-Plugin to model analyze diagrams, derive specifications, develop architectures.

Privacy policies are a widely used way of expressing the data handling by service providers. However, legalese in these documents hinders many users understanding important information about what is happening with their data. A privacy policy language and corresponding easy to understand visualization can help policies. In this survey we compare 18 languages that be context The focus lies on compatibility legislation like General Data Protection Regulation European Union formalization such languages.

We present a model- and pattern-based method that allows software engineers to take quality requirements into account right from the beginning of development process. The comprises analysis as well derivation architecture documents, in which are reflected explicitly. For analysis, we use an enhancement problem frame approach, where problems represented by diagrams. starts set diagrams, annotated with functional requirements. First, up initial architecture, taking decomposition overall sub...

We use the formal method B for specifying interfaces of software components. Each component interface is equipped with a suitable data model defining all types occurring in signature operations. Moreover, pre- and postconditions have to be given The interoperability between two components proved by using refinement relation an adaptation specifications.

We present a security engineering process based on problem frames and concretized frames. Both kinds of constitute patterns for analyzing problems associated solution approaches. They are arranged in pattern system that makes dependencies between them explicit. describe step-by-step how the can be used to analyze given approaches found. Further, we introduce new frame focuses privacy requirement anonymity.