@article { , title = {Towards tool-support for usable secure requirements engineering with CAIRIS.}, abstract = {Understanding how to better elicit, specify, and manage requirements for secure and usable software systems is a key challenge in security software engineering, however, there lacks tool-support for specifying and managing the voluminous amounts of data the associated analysis yields. Without these tools, the subjectivity of analysis may increase as design activities progress. This paper describes CAIRIS (Computer Aided Integration of Requirements and Information Security), a step toward tool-support for usable secure requirements engineering. CAIRIS not only manages the elements associated with task, requirements, and risk analysis, it also supports subsequent analysis using novel approaches for analysing and visualising security and usability. The authors illustrate an application of CAIRIS by describing how it was used to support requirements analysis in a critical infrastructure case study.}, doi = {10.4018/jsse.2010070104}, eissn = {1947-3044}, issn = {1947-3036}, issue = {3}, journal = {International journal of secure software engineering}, note = {INFO COMPLETE (notified by contact 15.12.2021 GB) PERMISSION GRANTED (version = VOR ; embargo = 0 months ; licence = publisher's own ; https://www.igi-global.com/about/rights-permissions/content-reuse/ 15.12.2021 GB) DOCUMENT READY (downloaded file from author website 15.12.2021 GB) ADDITIONAL INFO: Shamal Faily © IGI Global. This material is made available for personal and non-commercial use only. For all other purposes, permission must be sought from the publisher, using the contact details provided on the IGI Global website: https://www.igi-global.com/about/rights-permissions/content-reuse/}, pages = {56-70}, publicationstatus = {Published}, publisher = {IGI Global}, url = {https://rgu-repository.worktribe.com/output/1427845}, volume = {1}, keyword = {Requirements engineering, Systems security, Security risk analysis, User-centred design, Human-computer interaction, User personas, Computer-aided integration of requirements and information security (CAIRIS)}, year = {2010}, author = {Faily, Shamal and Fléchais, Ivan} }