ASQF interest group Requirements Engineering: meeting in March 2017
From the abstract:
“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” Sun Tzu, The Art of War
Quality neither can be “tested into” software in retrospective nor can software be secured in retrospective. To achieve an appropriate state of security, tasks and abilities of your own systems and objectives and resources of a potential attack have to be recorded – including the definition of
- what has to be secured,
- which resources are available
- and against who or what do security measures have to be successful.
Development of a secure system does not start with understanding and describing your own systems and your attackers. Security Requirements Engineering has to start as soon as possible during systems engineering and has to be iteratively continued during the entire lifecycle. This presentation will provide you with an overview of different methods in use such as SQUARE, context analysis and Misuse Cases.
This meeting of ASQF is for free. The professional group only asks participants to register via the ASQF website.
Christian Alexander Graf works for Method Park as a Freelance Consultant. His main topics are software development in medical technology, coaching agile methods as well as coding and software testing. Christian Graf is the Assistant Manager of the Erlangen-Nuremberg Medical Technology Division for the ASQF e.V. Since 2005 he has been a lecturer at the Duale Hochschule (University of Cooperative Education) Baden-Wurttemberg in Mannheim where he holds lectures in mathematics, computer science, software quality assurance and since 2014 IT security. Christian Graf is an ISTQB® Certified Tester – Full Advanced Level and a Professional Scrum Master.
At Method Park, Jens Palluch is trainer, senior consultant and coach for requirements engineering, systems engineering, safety and security. Since 2012, Jens Palluch has managed the Requirements Engineering Technical Group of the ASQF e.V. Jens Palluch is an IREB® Certified Professional for Requirements Engineering – Advanced Level (Requirements Elicitation and Consolidation), a CPMS® Certified Professional for Medical Software, an intacs™ Competent Assessor (Automotive SPICE®), an ASQF® Certified Professional for Project Management and a Certified Scrum Master.
March, 9th, 2017
Method Park Erlangen