Using SMCD to reduce inconsistencies in misuse case models: A subject-based empirical evaluation

• This paper presents a subject-based empirical evaluation of the SMCD structure.
• It evaluates whether SMCD can be used by its potential users to improve consistency in misuse case models.
• Results show that the use of SMCD helps improve consistency in misuse case models.

Security is a crucial requirement in software systems which need to be addressed as early as the requirements phase. The technique of misuse case modeling has been introduced slightly over a decade ago to elicit and specify functional security requirements. Development efforts downstream will be driven by the functional security requirements specified in misuse case models. Consequently, the quality of a misuse case model influences the effectiveness of downstream development efforts. Inconsistencies are an undesired attribute that can severely reduce the quality of misuse case models. In this paper, a controlled experiment involving students is presented which evaluates the reduction of inconsistencies in misuse case models resulting from utilizing a structure called SMCD (Structured Misuse Case Descriptions). The experiment also examines the impact of using SMCD upon other quality attributes of misuse case models. The results of the experiment indicate that using SMCD improves the consistency levels of the developed misuse case models.