Measuring Security in Requirements Engineering

Souhaib Besrour, Imran Ghani


The aim of this paper is to measure the security and related verification method in requirements engineering (RE). There are a few existing approaches to measure RE performance like IEEE Software Requirements Specification (SRS) and Security Quality Requirements Engineering (SQUARE). However, these existing approaches have some limitations such as lack of flexibility and require long implementation period. In order to address these issues, this paper intends to propose a new set of tools. First is the Effective Security Check List (ESCL), which is a check list with security questions that should be considered for measuring security. Secondly, the Traceability Matrix(TM), which is a two dimensional matrix to measure security during RE. Thirdly, Requirement Engineering Assessment Document (READ), which is a tool containing all statistical information about security performance during RE.  The combination of presented approaches had been implemented in a case study. The outcome results are encouraging and illustrated integrated outcomes within existing RE model. The security level had also been properly measured.


Full Text:



  • There are currently no refbacks.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

The International Journal of Informatics and Communication Technology (IJ-ICT)
p-ISSN 2252-8776, e-ISSN 2722-2616
This journal is published by the Institute of Advanced Engineering and Science (IAES) in collaboration with Intelektual Pustaka Media Utama (IPMU).

Web Analytics View IJICT Stats