Visible to the public Towards a Framework for the Extension and Visualisation of Cyber Security Requirements in Modelling Languages

TitleTowards a Framework for the Extension and Visualisation of Cyber Security Requirements in Modelling Languages
Publication TypeConference Paper
Year of Publication2017
AuthorsMaines, C. L., Zhou, B., Tang, S., Shi, Q.
Conference Name2017 10th International Conference on Developments in eSystems Engineering (DeSE)
Date Publishedjun
KeywordsBPMN, BPMN processes, business data processing, business process, Business Process Model and Notation, Collaboration, Complexity theory, composability, computer security, cyber security concepts, cyber security requirements, formal specification, middleware, middleware security, modelling language, policy, policy-based governance, pubcrawl, resilience, Resiliency, security extension, security framework, security of data, Semantics, specification languages, Tools, visualization
AbstractEvery so often papers are published presenting a new extension for modelling cyber security requirements in Business Process Model and Notation (BPMN). The frequent production of new extensions by experts belies the need for a richer and more usable representation of security requirements in BPMN processes. In this paper, we present our work considering an analysis of existing extensions and identify the notational issues present within each of them. We discuss how there is yet no single extension which represents a comprehensive range of cyber security concepts. Consequently, there is no adequate solution for accurately specifying cyber security requirements within BPMN. In order to address this, we propose a new framework that can be used to extend, visualise and verify cyber security requirements in not only BPMN, but any other existing modelling language. The framework comprises of the three core roles necessary for the successful development of a security extension. With each of these being further subdivided into the respective components each role must complete.
DOI10.1109/DeSE.2017.29
Citation Keymaines_towards_2017