Deakin University
Browse

File(s) under embargo

Tracing security requirements in industrial control systems using graph databases

Version 2 2024-06-03, 02:59
Version 1 2024-03-13, 22:27
journal contribution
posted on 2024-06-03, 02:59 authored by A Tanveer, C Sharma, Roopak SinhaRoopak Sinha, MMY Kuo
AbstractWe must explicitly capture relationships and hierarchies between the multitude of system and security standards requirements. Current security requirements specification methods do not capture such structure effectively, making requirements management and traceability harder, consequently increasing costs and time to market for developing certified ICS. We propose a novel requirements repository model for ICS that uses labelled property graphs to structure and store system-specific and standards-based requirements using well-defined relationship types. Furthermore, we integrate the proposed requirements repository with design-time ICS tools to establish requirements traceability. A wind turbine case study illustrates the overall workflow in our framework. We demonstrate that a robust requirements traceability matrix is a natural consequence of using labelled property graphs. We also introduce a compatible requirements change management procedure that aids in adapting to changes in development and certification schemes.

History

Journal

Software and Systems Modeling

Volume

22

Pagination

851-870

Location

Berlin, Germany

ISSN

1619-1366

eISSN

1619-1374

Language

eng

Publication classification

C1.1 Refereed article in a scholarly journal

Issue

3

Publisher

Springer

Usage metrics

    Research Publications

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC