Enhancing Misuse Cases With Risk Assessment for Safety Requirements
Risk-driven requirements elicitation represents an approach that allows assignment of appropriate countermeasure for the protection of the Information System (IS) depending on the risk level. Elicitation of safety requirements based on risk analysis is essential for those IS which will run on the op...
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2020-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/8949505/ |
| _version_ | 1818616734557405184 |
|---|---|
| author | Oluwasefunmi T. Arogundade Sanjay Misra Olusola O. Abayomi-Alli Luis Fernandez-Sanz |
| author_facet | Oluwasefunmi T. Arogundade Sanjay Misra Olusola O. Abayomi-Alli Luis Fernandez-Sanz |
| author_sort | Oluwasefunmi T. Arogundade |
| collection | DOAJ |
| description | Risk-driven requirements elicitation represents an approach that allows assignment of appropriate countermeasure for the protection of the Information System (IS) depending on the risk level. Elicitation of safety requirements based on risk analysis is essential for those IS which will run on the open and dynamic Internet platform. Traditionally, misuse cases are used to find the weak points of an IS but cannot differentiate between the weak point that can lead to lenient hazard and/or serious hazard. In this paper, we present an enhanced misuse case approach to support IS safety risk assessment at the early stages of software process. We extensively examined and identified concepts which constitute a modelling technique for IS safety risk assessment and build a conceptual model for achieving IS safety risk assessment during the requirement analysis phase of software process. The risk assessment process follows an approach of consequential analysis based on misuse cases for safety hazard identification and qualitative risk measurement. The safety requirements are elicited according to the results of the risk assessment. A medical IS is used as a case study to validate the proposed model. |
| first_indexed | 2024-12-16T16:54:31Z |
| format | Article |
| id | doaj.art-5a03221e5c46425c9d989c7f3bf1d3af |
| institution | Directory Open Access Journal |
| issn | 2169-3536 |
| language | English |
| last_indexed | 2024-12-16T16:54:31Z |
| publishDate | 2020-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj.art-5a03221e5c46425c9d989c7f3bf1d3af2022-12-21T22:23:55ZengIEEEIEEE Access2169-35362020-01-018120011201410.1109/ACCESS.2019.29636738949505Enhancing Misuse Cases With Risk Assessment for Safety RequirementsOluwasefunmi T. Arogundade0https://orcid.org/0000-0001-9338-491XSanjay Misra1https://orcid.org/0000-0002-3556-9331Olusola O. Abayomi-Alli2https://orcid.org/0000-0003-2513-5318Luis Fernandez-Sanz3https://orcid.org/0000-0003-0778-0073Department of Computer Science, Federal University of Agriculture, Abeokuta, NigeriaDepartment of Computer Engineering, Atılım University, Ankara, TurkeyDepartment of Electrical and Information Engineering, Covenant University, Ota, NigeriaDepartment of Computer Science, University of Alcalá, Madrid, SpainRisk-driven requirements elicitation represents an approach that allows assignment of appropriate countermeasure for the protection of the Information System (IS) depending on the risk level. Elicitation of safety requirements based on risk analysis is essential for those IS which will run on the open and dynamic Internet platform. Traditionally, misuse cases are used to find the weak points of an IS but cannot differentiate between the weak point that can lead to lenient hazard and/or serious hazard. In this paper, we present an enhanced misuse case approach to support IS safety risk assessment at the early stages of software process. We extensively examined and identified concepts which constitute a modelling technique for IS safety risk assessment and build a conceptual model for achieving IS safety risk assessment during the requirement analysis phase of software process. The risk assessment process follows an approach of consequential analysis based on misuse cases for safety hazard identification and qualitative risk measurement. The safety requirements are elicited according to the results of the risk assessment. A medical IS is used as a case study to validate the proposed model.https://ieeexplore.ieee.org/document/8949505/Misuse caserequirements engineeringrisk assessmentscenariosafetyuse cases |
| spellingShingle | Oluwasefunmi T. Arogundade Sanjay Misra Olusola O. Abayomi-Alli Luis Fernandez-Sanz Enhancing Misuse Cases With Risk Assessment for Safety Requirements IEEE Access Misuse case requirements engineering risk assessment scenario safety use cases |
| title | Enhancing Misuse Cases With Risk Assessment for Safety Requirements |
| title_full | Enhancing Misuse Cases With Risk Assessment for Safety Requirements |
| title_fullStr | Enhancing Misuse Cases With Risk Assessment for Safety Requirements |
| title_full_unstemmed | Enhancing Misuse Cases With Risk Assessment for Safety Requirements |
| title_short | Enhancing Misuse Cases With Risk Assessment for Safety Requirements |
| title_sort | enhancing misuse cases with risk assessment for safety requirements |
| topic | Misuse case requirements engineering risk assessment scenario safety use cases |
| url | https://ieeexplore.ieee.org/document/8949505/ |
| work_keys_str_mv | AT oluwasefunmitarogundade enhancingmisusecaseswithriskassessmentforsafetyrequirements AT sanjaymisra enhancingmisusecaseswithriskassessmentforsafetyrequirements AT olusolaoabayomialli enhancingmisusecaseswithriskassessmentforsafetyrequirements AT luisfernandezsanz enhancingmisusecaseswithriskassessmentforsafetyrequirements |