As a software system evolves, security concerns need to be analyzed to re-evaluate the impact of changes on the system and the assumptions on environmental properties. Traditionally, the security requirements were handled in an ad-hoc way, while requirement models are often embedded in natural language descriptions which lead to inconsistent interpretations with respect to the meaning of the requirements. These made it difficult to analyze for requirements changes. By adopting a model-based engineering methodology, we propose to investigate such changes using a consistent conceptual model of evolving security requirements which incorporates the state-of-art requirement modeling languages such as Tropos and Problem Frames. To address the challenge of evolutionary security requirements, we lay out the conceptual meta-models, and the general methodology to handle changes on security requirements, including how to represent security requirements, how to model the changes of them, how to manage the changes and how to argue that the changes are fit for the purposes.

Read on in the D.3.2 Methodology for Evolutionary Requirements deliverable.

The SecureChange security engineering process is revolutionary in the respect that it is fully change driven. The view of existing security engineering processes as sequences of actions (e.g. risk analysis and requirements elicitation) performed on the whole system has been replaced by the view of change events causing change propagation and state changes in the security engineering artefacts. This change of paradigm provides for the first time a systematic way of handling changes based on dependencies between artefacts. Beyond that the SecureChange process incorporates concepts for the collaboration of different stakeholders in security engineering, ranging from the IT manager and requirements engineer to the security architect and system administrator. The goal of this collaborative approach is to support continuous security management and to achieve an adequate level of security at any time in the software lifecycle.

Read more in the D2.1 - An architectural blueprint and a software development process for security-critical lifelong systems deliverable.

The deadline for submitting new project in the FET-Proactive initiative is 13 April 2010. The current call covers such topics as Molecular Scale Devices and Systems or Brain-Inspired ICT. Visit the website of the call for more information.

The SecureChange project was presented by Fabio Massacci (UNITN) and Ketil Stolen (SINTEF) at the Perspectives Workshop: Evolving Critical Systems, organised in Dagstuhl on 2-4 December 2009. The Presentations are available on the workshop's website.

During this week (9th and 10th of Sep.) Deep Blue (DBL) organized a workshop about the Air Traffic Management (ATM) case study. The primary goal of the workshop was to present the case study in details to the other partners, and finalize the scenarios which will be studied and assessed later on in the project. As part of the workshop, the participants visited ENAV SpA, the Italian company for Air Navigation Services, CNS/ATM Experimental Center (ECEC).

The purpose of the Evaluation of existing methods and principles in risk analysis report was to evaluate existing methods and principles for risk assessment and risk analysis of security, privacy and dependability. In this evaluation the SecureChange partners identified strengths and weaknesses of existing methods and techniques with respect of assessing and analysing risk of long-lived, changing and evolving systems.

Long-lived software systems often undergo evolution over an extended period of time. Evolution of these systems is inevitable as they need to continue to satisfy changing business needs, new regulations and standards, and the introduction of novel technologies. Once the system is put in operation, new requirements emerge and existing requirements change. Parts of the software may have to be modified to correct errors that are found in operation, to adapt it for a new platform and to improve its performance or other non-functional properties.

Software systems inevitably have to change if they are to remain useful, but the change may undermine the security of the systems. It is thus important to design software systems that are evolvable and secure.

The Secure Evolving Software Systems: a State of the Art Survey report reviews the current approaches to software evolution, security requirements engineering, requirements evolution, evolution in access control, and presents new research strands in software evolution. Read the full public report.

The presentations from the internal tutorial meeting can be downloaded from the document library of the website. The slides from the following sessions are available:

The July issue of the FET newsletter is out. The newsletter covers the first ever FET conference held in April, contains an overview about FET funding opportunities, and presents several exciting FET research projects.

The newsletter can be downloaded from the Cordis website.

The first European Future Technologies Conference and Exhibition (FET09) was organized this week in Prague, bringing together more than 800 scientists, policy-makers and industry representatives to present the successful discoveries carried out in the past FET (Future and Emerging) projects and discuss the future research directions.

The SecureChange project presented a poster showing the research challenges of the project and our initial objectives and approaches.