Abstract

Within requirements engineering, software requirements specifications tend to prioritize functional needs and may fail to capture critical security aspects and adequate security requirements. Security requirements engineering is a manual, error-prone activity that is often neglected because of the knowledge gap between cybersecurity professionals and software requirements engineers. Consequently, security requirements are especially prone to being underspecified: they lack a complete set of feature values and are therefore open to multiple interpretations. Underspecified security requirements can lead to incorrect assumptions and missing security properties that often remain undiscovered until system deployment, leaving the system vulnerable to exploitation. Furthermore, even individually well-written security requirements may belong to a specification that, viewed as a whole, lacks important details or mitigation techniques.

To address these issues, this work proposes a framework to support the automated elicitation, formalization, and analysis of security requirements, with the aim of detecting underspecifications that can lead to software weaknesses and vulnerabilities. The framework first contributes to security requirements elicitation through an automated approach based on generative adversarial networks. Next, this work focuses on identifying underspecified security requirements using formal reasoning. To this end, a formal model of common requirements-level weaknesses, based on the Common Weakness Enumeration (CWE), is developed in the Alloy specification language. Alloy's formal reasoning capabilities are then used to automatically generate instances of the modeled systems. By adding to the Alloy model constraints derived from a given system's security requirements, the instantiated formal models highlight underspecifications, represented as common weaknesses.
This work also investigates Large Language Model (LLM)-based techniques to build an automated security requirements formalization method capable of accurately generating Alloy constraints for the security model from natural-language requirements. The integrated formalization and analysis framework is evaluated on five real-world security requirements specifications, demonstrating its ability to detect underspecified security requirements. Finally, the framework applies LLM post-processing to translate the formal reasoning results into natural-language explanations of root causes, providing actionable guidance for addressing the detected underspecifications.
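The analysis pattern described in the abstract, as an added illustrative Alloy model: this is not the dissertation's model, and the signatures, the weakness predicates, and the two requirement sentences SR1 and SR2 are hypothetical, constructed only to show how requirement-derived constraints combined with CWE-style weakness predicates let the analyzer surface an underspecification as a concrete instance.

```alloy
// Added illustrative Alloy model (not the dissertation's model).
// Sigs, predicates and the requirement sentences SR1/SR2 below are
// hypothetical, constructed to show the analysis pattern only.
module underspec_demo

abstract sig Asset {}
abstract sig Function extends Asset {}   // an operation the system exposes
abstract sig Data extends Asset {}       // data the system handles

abstract sig System {
  functions:     set Function,
  data:          set Data,
  critical:      set Function,  // operations whose misuse matters
  sensitive:     set Data,      // data whose disclosure matters
  authenticated: set Function,  // operations the requirements protect with authentication
  encrypted:     set Data       // data the requirements protect with encryption
}

// Well-formedness: protected and critical sets are subsets of what the system has.
fact WellFormed {
  all s: System {
    s.critical + s.authenticated in s.functions
    s.sensitive + s.encrypted in s.data
  }
}

// Requirements-level weaknesses, named after the CWE entries they resemble.
// CWE-306: Missing Authentication for Critical Function
pred MissingAuthForCriticalFunction[s: System] {
  some s.critical - s.authenticated
}
// CWE-311: Missing Encryption of Sensitive Data
pred MissingEncryptionOfSensitiveData[s: System] {
  some s.sensitive - s.encrypted
}
pred Underspecified[s: System] {
  MissingAuthForCriticalFunction[s] or MissingEncryptionOfSensitiveData[s]
}

// Constraints derived from a hypothetical security requirements specification.
one sig Login, Transfer, ViewBalance extends Function {}
one sig AccountNumber, PIN extends Data {}
one sig Bank extends System {}

fact Requirements {
  Bank.functions = Login + Transfer + ViewBalance
  Bank.data      = AccountNumber + PIN
  Bank.critical  = Transfer + ViewBalance
  Bank.sensitive = AccountNumber + PIN
  // SR1 (hypothetical): "Fund transfers shall require an authenticated user."
  Transfer in Bank.authenticated
  // SR2 (hypothetical): "PINs shall be encrypted in transit."
  PIN in Bank.encrypted
  // The specification says nothing about ViewBalance or AccountNumber.
}

// The requirements do not rule out a weak instance: the analyzer finds one in
// which ViewBalance is unauthenticated and/or AccountNumber is unencrypted.
run FindUnderspecification { Underspecified[Bank] } for 5

// Equivalent check: each counterexample is an underspecification made concrete.
check NoWeakness { not Underspecified[Bank] } for 5

// With the two missing requirements added as constraints, no weak instance
// exists, so the analyzer finds no instance for this command.
run Closed {
  Underspecified[Bank]
  ViewBalance in Bank.authenticated
  AccountNumber in Bank.encrypted
} for 5
```

The point of the pattern is the direction of the constraints: the requirements only narrow the space of systems, so any instance the analyzer can still construct that satisfies a weakness predicate is something the specification failed to exclude. Reading the instance (here, which atoms fall in critical but not in authenticated, or in sensitive but not in encrypted) names the missing requirement directly, which is the information an LLM post-processing step can turn into a natural-language root-cause explanation.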

Library of Congress Subject Headings

Software engineering--Quality control; Computer security--Data processing; Underspecification (Linguistics)

Publication Date

7-2025

Document Type

Dissertation

Student Type

Graduate

Degree Name

Computing and Information Sciences (Ph.D.)

Department, Program, or Center

Computing and Information Sciences Ph.D, Department of

College

Golisano College of Computing and Information Sciences

Advisor

Mehdi Mirakhorli

Advisor/Committee Member

Nan Messe

Advisor/Committee Member

Zhe Yu

Campus

RIT – Main Campus

Plan Codes

COMPIS-PHD
