Assignment 5 - A Systematic Review of Security Requirements Engineering PDF
Article history:
Received 7 January 2009
Received in revised form 25 January 2010
Accepted 27 January 2010
Available online 2 February 2010

Keywords:
Security requirements
Security requirements engineering
Requirements engineering

This paper addresses the issue that Security Requirements Engineering is an important aspect of secure systems and should be carried out with caution in the software development process. The article is in fact a systematic review of the existing literature concerning security requirements engineering since then. The paper highlights the fact that no systematic review has been performed regarding secure systems and claims to provide a framework where new research can be carried out.
© 2010 Elsevier B.V. All rights reserved.
* Corresponding author.
E-mail address: tehreem.qureshi945@gmail.com
2 COMPUTER STANDARDS & INTERFACES 32 (2010) 153–165
Each section of the paper is evaluated as follows:

2.1. Introduction

The introduction section is very well written, not only in terms of covering the need to write such a systematic review but also in a manner that is conducive to reading. It is easy to understand what the paper will be focusing on after a single reading. No technical terms are used, and no abbreviations are used without an explanation of their long forms.

2.2. Question formalization

The research questions are explicitly stated, unlike other reviews where it is hard to understand the actual question underlying the research. In order for the reader to remember the objectives of the paper, the keywords formulating the research question are already defined in this section.

2.3. Review method

In this section, the authors have included subsections for sources selection, studies selection and selection execution.

In the section for sources selection, there is a list of all sources from which articles were gathered. The studies were selected from the mentioned sources on the basis of the extent to which they address security requirements as a core area of research. The execution section listed the bibliography style from EndNote.

The review is very well structured and organized to be a structured review. It lists all activities carried out in the effort of presenting such a review.

The section illustrates, with the help of tables, the findings of this review. Through the tables, it can be seen that the authors did identify the initiatives for addressing security requirements, find out how many studies have provided the initiatives, and compare these initiatives based on certain features that contribute to efficiently gathering security requirements.

The problems identified in this section are so detailed that they overshadow the research conducted. While reading this section, it seems for a while that the problem of incorporating security requirements may never be solved. As a part of this detailed review, there should have been a model introduced to overcome the bigger problems and, if not a model, then a separate section dealing with the problems to keep all positive aspects intact.

2.6. Conclusion

The paper concludes by mentioning its main objective, which is to present literature related to security requirements. This section also points out what could be biased about the review. Some of the related future work and the existing problems overpowering the identified initiatives have been incorporated into the ‘Results and discussion’ section; they should have been included in this section.