Cybersecurity user requirements analysis: the ECHO approach.
Katos, Vasilis; Ki-Aries, Duncan; Faily, Shamal; Genchev, Angel; Bozhilova, Maya; Stoianov, Nikolai
Dr Shamal Faily email@example.com
Cyber defense requires research and investment in advanced technological solution as well as in the development of effective methods and tools for identifying cyber threats and risks. This implies a need for a well-defined process for user requirements elicitation. The paper presents a structured approach for the identification of cybersecurity knowledge and elicitation of user needs, based on the development of specific use cases. Employing use cases is an effective way to identify the cyber security gaps. Example use case descriptions of the attacks on а general computer network are given. The proposed use cases are analyzed within CAIRIS platform. The modelling process confirms that CAIRIS is a powerful tool to enrich the context of threat models and UML class diagrams. Also, the modelling with CAIRIS could support using security-by-design principles. The research is conducted under the activities of “The European network of Cybersecurity centres and competence Hub for innovation and Operations” (ECHO) project.
KATOS, V., KI-ARIES, D., FAILY, S., GENCHEV, A., BOZHILOVA, M. and STOIANOV, N. 2022. Cybersecurity user requirements analysis: the ECHO approach. In: Shkarlet, S., Morozov, A., Palagin, A., Vinnikov, D., Stoianov, N., Zhelezniak, M. and Kazymyr, V. (eds.) Mathematical modeling and simulation of systems: selected papers from the proceedings of the 16th International scientific-practical conference on mathematical modeling and simulation of systems (MODS 2021), 28 June - 1 July 2021, Chernihiv, Ukraine. Lecture notes in networks and systems, 344. Cham: Springer [online], pages 405-421. Available from: https://link.springer.com/book/9783030899011
|Conference Name||16th International scientific-practical conference on mathematical modeling and simulation of systems (MODS 2021)|
|Conference Location||Chernihiv, Ukraine|
|Start Date||Jun 28, 2021|
|End Date||Jul 1, 2021|
|Acceptance Date||Jun 14, 2021|
|Online Publication Date||Jan 1, 2022|
|Publication Date||Dec 31, 2022|
|Deposit Date||Feb 23, 2022|
|Publicly Available Date||Jan 2, 2023|
|Series Title||Lecture notes in networks and systems (LNNS)|
|Book Title||Mathematical modeling and simulation of systems: selected papers from the proceedings of the 16th International scientific-practical conference on mathematical modeling and simulation of systems (MODS 2021), 28 June - 1 July 2021, Chernihiv, Ukraine.|
|Keywords||Cyber defense; User requirements elicitation; Use case analysis; CAIRIS modelling|
This file is under embargo until Jan 2, 2023 due to copyright reasons.
Contact firstname.lastname@example.org to request a copy for personal use.
You might also like
Use-case informed task analysis for secure and usable design solutions in rail.
Visualising personas as goal models to find security tensions.
Evaluating privacy: determining user privacy expectations on the web.
Identifying implicit vulnerabilities through personas as goal models.
Contextualisation of data flow diagrams for security analysis.