DeepAI AI Chat
Log In Sign Up

Cross-project Classification of Security-related Requirements

03/31/2020
by   Mazen Mohamad, et al.
0

We investigate the feasibility of using a classifier for security-related requirements trained on requirement specifications available online. This is helpful in case different requirement types are not differentiated in a large existing requirement specification. Our work is motivated by the need to identify security requirements for the creation of security assurance cases that become a necessity for many organizations with new and upcoming standards like GDPR and HiPAA. We base our investigation on ten requirement specifications, randomly selected from a Google Search and partially pre-labeled. To validate the model, we run 10-fold cross-validation on the data where each specification constitutes a group. Our results indicate the feasibility of training a model from a heterogeneous data set including specifications from multiple domains and in different styles. However, performance benefits from revising the pre-labeled data for consistency. Additionally, we show that classifiers trained only on a specific specification type fare worse and that the way requirements are written has no impact on classifier accuracy.

READ FULL TEXT

page 1

page 2

page 3

page 4

06/07/2022

CitySpec: An Intelligent Assistant System for Requirement Specification in Smart Cities

An increasing number of monitoring systems have been developed in smart ...
02/19/2023

CitySpec with Shield: A Secure Intelligent Assistant for Requirement Formalization

An increasing number of monitoring systems have been developed in smart ...
06/14/2022

An Intelligent Assistant for Converting City Requirements to Formal Specification

As more and more monitoring systems have been deployed to smart cities, ...
06/27/2019

An Approach for Reviewing Security-Related Aspects in Agile Requirements Specifications of Web Applications

Defects in requirements specifications can have severe consequences duri...
10/15/2022

Assessing the Solid Protocol in Relation to Security Privacy Obligations

The Solid specification aims to empower data subjects by giving them dir...
08/14/2022

A Preliminary Study on the Potential Usefulness of Open Domain Model for Missing Software Requirements Recommendation

Completeness is one of the most important attributes of software require...