SecIoT_MEReq : Automated Tool To Elicit Security Requirements For IoT Application Software Development

Main Article Content

Asma Asdayana Ibrahim, Massila Kamalrudin

Abstract

The use of Internet of Things (IoT) applications has grown in popularity and significance because it allows people and services to interact at any time and from any location. IoT will necessitate the development of new software tools as well as interoperability: Until now, the Internet of Things opportunity has consisted of “simple” monitoring applications and related tracking or location services. Security has long been regarded as a major concern in IoT. It is critical for IoT application developers to elicit security requirements of IoT applications at an early stage to avoid potential security issues. In this paper, we describe our automated approach and tool, called SecIoT_MEReq that helps to elicit security requirements of IoT applications. SecIoT_MEReq provides a model-based approach together with patterns library that helps to capture requirements that have been expressed in textual natural language requirements then extracted to Essential Use Cases (EUCs) and Essential User Interface (EUI) models. We describe its design and implementation together with the results of evaluating our tool’s usability. The results of the study showed that our tool can help requirements engineers to easily elicit security-related requirements of IoT applications development.

Article Details

Section
Articles