An Ontology-based Approach for Automatic Specification, Verification, and Validation of Software Security Requirements: Preliminary Results

Critical software vulnerabilities are often caused by incorrect, vague, or missing security requirements. Hence, there is a strong need in the software engineering community for tools that facilitate software engineers in eliciting and evaluating security requirements. Although several methods have been proposed for specifying, verifying, and validating security requirements, they require a lot of...