Quiz Entry - updated: 2026.07.14
What are the main topics covered in Security Requirements Engineering and how do they relate to each other?
Seven building blocks that flow into each other: Requirements → Diagraming → SDLC → Threat Modelling → STRIDE → DREAD → Use/Misuse Cases — a pipeline from "what to build" to "what could go wrong and how badly."
Topic Overview:
| Topic | Purpose |
|---|---|
| Requirements | Define what the system should do (Functional/Non-Functional) |
| Diagraming | Document requirements in a universally understandable way |
| SDLC | Framework for secure software development lifecycle |
| Threat Modelling | Record and analyze threats using tools |
| STRIDE | Identify and enumerate threats |
| DREAD | Rate and prioritize risks |
| UCS/MUCS | Document desired behavior and security threats |
Key Insight: A comprehensive, risk-based approach is very targeted and desirable because it conserves resources.