Write a Blog >>
Thu 24 Mar 2022 14:45 - 15:30 at Conference Room 3 - RE in Practice Chair(s): Xavier Franch

[Context and motivation] Among all categories of non-functional requirements, requirements concerning security are those that are specified and tackled with care. [Question/problem] However, the constant changes in technologies used to develop software products, cause that the approaches to investigate if security requirements are satisfied are also changing very quickly. The changes are introduced to address the problems the industry struggle with [Principal ideas/results] We conducted an on-line based survey among software development practitioners. 190 respondents from a wide variety of countries shared with us their experience concerning testing security requirements. [Contribution:] We learned that security requirements are tested in majority of projects. There are different techniques used from automated ones like static code analysis, to manual ones like code reviews, manual testing. Mostly developers, QA/Internal testing team and DevOps are testing security. The greatest challenges concern effort, cost, knowledge and establishing testing culture.

Thu 24 Mar

Displayed time zone: London change

14:00 - 15:30
RE in PracticeResearch Papers at Conference Room 3
Chair(s): Xavier Franch Universitat Politècnica de Catalunya
14:00
45m
Talk
RE in the Market Dialogue of Public Procurement: A Case Study of an Innovation Partnership for Medical TechnologyScientific Evaluation
Research Papers
Gunnar Brataas SINTEF Digital, Geir Kjetil Hanssen SINTEF, Norway, Xinlu Qiu NTNU, Lisa Græslie SINTEF Digital
File Attached
14:45
45m
Talk
How Security Requirements are Tested in Industry? -- A Survey StudyScientific Evaluation
Research Papers
Sylwia Kopczyńska Poznan University of Technology, Daniel Craviee De Abreu Vieira Poznan University of Technology, Miroslaw Ochodek Poznan University of Technology