Skip to main content

Research Repository

Advanced Search

Visualising personas as goal models to find security tensions.

Faily, Shamal; Iacob, Claudia; Ali, Raian; Ki-Aries, Duncan


Shamal Faily

Claudia Iacob

Raian Ali

Duncan Ki-Aries


This paper aims to present a tool-supported approach for visualising personas as social goal models, which can subsequently be used to identify security tensions. The authors devised an approach to partially automate the construction of social goal models from personas. The authors provide two examples of how this approach can identify previously hidden implicit vulnerabilities and validate ethical hazards faced by penetration testers and their safeguards. Visualising personas as goal models makes it easier for stakeholders to see implications of their goals being satisfied or denied, and easier for designers to incorporate the creation and analysis of such models into the broader requirements engineering (RE) tool-chain. The approach can be used with minimal changes to existing user experience and goal modelling approaches and security RE tools.


FAILY, S., IACOB, C., ALI, R. and KI-ARIES, D. 2021. Visualising personas as goal models to find security tensions. Information and computer security [online], 29(5), pages 787-815. Available from:

Journal Article Type Article
Acceptance Date Mar 26, 2021
Online Publication Date Aug 16, 2021
Publication Date Nov 12, 2021
Deposit Date Sep 2, 2021
Publicly Available Date Sep 2, 2021
Journal Information and Computer Security
Print ISSN 2056-4961
Electronic ISSN 2056-497X
Publisher Emerald
Peer Reviewed Peer Reviewed
Volume 29
Issue 5
Pages 787-815
Keywords User personas; Systems security; Security risk analysis; Human-computer interaction (HCI); Software engineering; Requirements engineering
Public URL


You might also like

Downloadable Citations