BPMN4FRSS: An BPMN Extension to Support Risk-Based Development of Forensic-Ready Software Systems
Authors | |
---|---|
Year of publication | 2023 |
Type | Article in Proceedings |
Conference | Evaluation of Novel Approaches to Software Engineering |
MU Faculty or unit | |
Citation | |
web | https://link.springer.com/chapter/10.1007/978-3-031-36597-3_2 |
Doi | http://dx.doi.org/10.1007/978-3-031-36597-3_2 |
Keywords | Forensic readiness;Forensic-ready software systems;Modelling;BPMN;Software design;Risk management;Security |
Description | The importance of systems secure-by-design is well recognised. However, incidents or disputes requiring thorough investigation might occur even in highly secure systems. Forensic-ready software systems aim to ease the investigations by including requirements for reliable, admissible, and on-point data - potential evidence. Yet, the software engineering techniques for such systems have numerous open challenges. One of them, representation and reasoning, is tackled in this chapter by defining the syntax and semantics of modelling language BPMN for Forensic-Ready Software Systems (BPMN4FRSS). In addition to representing the requirements and specific controls, a semantic mapping to forensic-ready risk management is defined to support risk-oriented design. This approach of designing forensic-ready software systems, supported by BPMN4FRSS models, is then demonstrated. |
Related projects: |