Security Requirements

Maintaining the security requirements of evolving systems is challenging because of rapid changes in system context and the greater exposure of system vulnerabilities to malicious attackers. Therefore, I am interested in understanding the impact of system changes, arising from change requests and bugs, on the satisfaction of security requirements. I have proposed a conceptual framework to maintain security requirements using evolving crosscutting dependencies. The study is submitted for publication in the book Aspect Oriented Requirements Engineering by Springer.

Security and non-security bug fixes

Fixing high-priority security and non-security issues (change requests and bugs) within the given time and resource constraints is challenging. I have developed a security issue classifier to classify security and non-security issues and measured their average fixing time. It will help in understanding the nature of security fixes and estimating their fixing time. I have applied the technique to Samba, an open-source, security-critical project.

Software Release Planning

Planning releases to develop a software product within the given resources, while considering stakeholder preferences, is challenging. I have developed a taxonomy of existing release planning models extracted from the literature. Now, I am recovering the planning constraints from the Samba historical data to assess the development effort for planning security and non-security fixes.

Copyright 2015 © Saad Bin Saleem