An Integrated Model for Software Security Testing Requirements
Security requirements engineers usually only need provide with software security requirements, and they unnecessarily specify software security behavior mechanisms, which are critical not only for software security design but also for software security testing. After discussing the relations and differences between security use cases and misuse cases, we provides an integrated model, SETAM, for software security testing requirements, which is based on security function testing use cases and adversary testing use cases..
Dongye Sun, Wen-Pei Sung and Ran Chen
Z. W. Hui et al., "An Integrated Model for Software Security Testing Requirements", Applied Mechanics and Materials, Vols. 121-126, pp. 1891-1895, 2012