Modeling of Security Fault-Tolerant Requirements for Secure Systems

Security services can keep a system from security breaches for a while, but they are ultimately compromised as the system is deployed and used. This paper describes the modeling of security fault-tolerant (SFT) requirements, which can tolerate the failures of security services for systems. SFT requirements are specified together with the security services requirements so that they tolerate breaches of the security services. This paper addresses an approach for specifying and analyzing SFT requirements using a meta-model. Threats to systems are identified in the requirements specification and analysis phases, and SFT measures against the threats are described with security services. An electronic commerce system is selected to illustrate the approach.