Typical SRE approaches are broadly classified into:

  • Derived approach: It is derived from traditional requirement gathering approach (use case modeling) to address security requirements in software development process
  • Dedicated approach: It is developed specifically to address security requirements
  • Common Security Requirement Engineering Approach:
  1. Derived Approach:
    1.1 Abuse Case
    1.2 Security Use Case
    1.3 Abuse Stories
  2. Dedicated Approach
    2.1 SQUARE
    2.2 OCTAVE