DeepAI AI Chat
Log In Sign Up

Cross-project Classification of Security-related Requirements

by   Mazen Mohamad, et al.

We investigate the feasibility of using a classifier for security-related requirements trained on requirement specifications available online. This is helpful in case different requirement types are not differentiated in a large existing requirement specification. Our work is motivated by the need to identify security requirements for the creation of security assurance cases that become a necessity for many organizations with new and upcoming standards like GDPR and HiPAA. We base our investigation on ten requirement specifications, randomly selected from a Google Search and partially pre-labeled. To validate the model, we run 10-fold cross-validation on the data where each specification constitutes a group. Our results indicate the feasibility of training a model from a heterogeneous data set including specifications from multiple domains and in different styles. However, performance benefits from revising the pre-labeled data for consistency. Additionally, we show that classifiers trained only on a specific specification type fare worse and that the way requirements are written has no impact on classifier accuracy.


page 1

page 2

page 3

page 4


CitySpec: An Intelligent Assistant System for Requirement Specification in Smart Cities

An increasing number of monitoring systems have been developed in smart ...

CitySpec with Shield: A Secure Intelligent Assistant for Requirement Formalization

An increasing number of monitoring systems have been developed in smart ...

An Intelligent Assistant for Converting City Requirements to Formal Specification

As more and more monitoring systems have been deployed to smart cities, ...

An Approach for Reviewing Security-Related Aspects in Agile Requirements Specifications of Web Applications

Defects in requirements specifications can have severe consequences duri...

Assessing the Solid Protocol in Relation to Security Privacy Obligations

The Solid specification aims to empower data subjects by giving them dir...

A Preliminary Study on the Potential Usefulness of Open Domain Model for Missing Software Requirements Recommendation

Completeness is one of the most important attributes of software require...