REFSQ 2023


The 29th International Working Conference on Requirement Engineering: Foundation for Software Quality will take place from the 17th to 20th of April 2023 in Barcelona, Catalunya, Spain.

Cyber-physical systems, like modern cars and industrial automation systems, are highly connected and complex. Their various interconnections open interfaces for attackers, and their complexity increases the risk of undetected security vulnerabilities. Hence, an important part of requirements engineering is threat modeling. It is a means to elicit security assets, goals, and assumptions, and to derive required security controls. Effective threat modeling needs a systematic workshop setup. In this paper, we report our experiences and lessons learned from threat modeling workshops that we conducted with industry partners from the domains of industrial automation, health care, smart home, and automotive. In conclusion, we derive a set of open challenges.

Roman Trentinaglia (Fraunhofer IEM) will present the paper "Eliciting Security Requirements - an Experience Report".

For additional information about the agenda and content see the event page.

Carrer de Berruguete, 126
08035, Barcelona
Universitat Politècnica de Catalunya, University of Gothenburg, L'Istituto di Scienza e Tecnologie dell'Informazione
image description