Abstract
Misuse case analysis is a technique for early elicitation of security-related threats and requirements to planned information systems. Since the technique was first proposed in 2000, there have been many follow-up contributions both by the originators, their students and by other researchers. These contributions have focused partly on extensions and adaptations of the technique, and partly on empirical evaluations of its applicability. In this paper we review the work that has been done on misuse cases so far and point to future directions. In addition to the systematic review of previous work, this paper looks into the possibility of applying misuse cases for other dependability factors in addition to security and safety, providing examples where misuse cases are applied for availability, reliability, and robustness.
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call