期刊名称:Journal of Theoretical and Applied Information Technology
印刷版ISSN:1992-8645
电子版ISSN:1817-3195
出版年度:2019
卷号:97
期号:14
页码:3881-3891
出版社:Journal of Theoretical and Applied
摘要:The increased complexity in security requirements due to the widely spread development of Internet of Things (IoT) applications requires Requirements Engineers (REs) to have a security knowledge and experience in the process of eliciting requirements. Requirements captured by REs are commonly inconsistent with their client�s intended requirements and often error prone. This paper intends to address this issue by conducting a survey to investigate the common practices among practitioners in IoT industry, focusing on how they deal with security requirements, what are their knowledge about IoT and its security and what resources they use when dealing with security. An online survey has been conducted involving 42 respondents from IoT organizations in Malaysia. The results show that respondents have knowledge of IoT and its security, but they have less involvement in eliciting security requirement in developing secure IoT applications. Therefore, there is a need to propose a new approach in eliciting security requirement in IoT application to help the professionals to develop more secure applications.
关键词:Requirement Engineering; security requirements; Internet of Things (IoT); elicitation
