Cristin result ID: 242943
Last modified: 30 July 2013, 13:18
Result
Academic lecture
2009

Addressing Security in Information Systems Development

Contributors:
  • Guttorm Sindre

Presentation

Event name: 15th International Conference on Information and Software Technologies
Location: Kaunas
Date from: 23 April 2009
Date to: 24 April 2009

Organizer:

Organizer name: Kaunas University of Technology

About the result

Academic lecture
Year of publication: 2009

Description

Title

Addressing Security in Information Systems Development

Abstract

As IT is becoming a key infrastructure of modern society and more and more critical tasks are performed or supported by information systems, security (i.e., protection against malicious attacks) is a vital quality factor in information systems development. However, security often appears to be poorly addressed in IS development projects, especially in early stages such as requirements analysis. In many cases, security concerns are only handled late in a development project, during coding - or worse, after deployment, as a response to observed vulnerabilities. There are several possible reasons for this. First of all, methods for secure systems development are often formal and heavyweight and not well integrated with mainstream software engineering methods, and software engineers have often had limited education in security. The customers also tend to have limited knowledge about security, hence such needs seldom surface in requirements elicitation interviews. Moreover, it is quite costly and time-consuming to properly consider security issues for a huge information system, and in some cases the identification requires imagination and an ability to view the system from the destructive perspective of an attacker, which is quite different from the constructive perspective that engineers are used to. To better address security at early stages of information systems development projects, it is therefore interesting to include the representation of security-related concepts in modelling languages used for IS development. This keynote speech looks at various approaches that have been proposed for including security in information systems modelling, related to different types of modelling approaches, such as goal-oriented models, use cases, business process models, and information models. It furthermore outlines future research challenges related to such modelling approaches, and discusses advantages and disadvantages of various research methods in such research.

Contributors

Guttorm Sindre

  • Affiliation:
    Author
    at Institutt for datateknologi og informatikk, Norges teknisk-naturvitenskapelige universitet