Security Requirement Modeling Support System using Software Security Knowledge Base

With the growing number of services on the Internet, the need for secure software development has increased. It is required for secure software development to consider security in the whole development life cycle. It is indispensable for secure software development to use various types of security knowledge. This study deals with security requirement analysis. Existing security requirements modeling systems do not provide a function to create an artifact while referring to security knowledge in an integrated manner. In this paper, the authors develop a modeling support system for a misuse case diagram that enables the association of knowledge with elements that constitute the diagram. The results of an experiment using the system show the system's usefulness in both the integration of the knowledge base with the artifact creation environment and the association of the knowledge with the elements of the diagram.