• Skip to content
  • Skip to footer
  • Accessibility options
University of Brighton
  • About us
  • Business and
    employers
  • Alumni and
    supporters
  • For
    students
  • For
    staff
  • Accessibility
    options
Open menu
Home
Home
  • Close
  • Study here
    • Courses and subjects
    • Find a course
    • A-Z course list
    • Explore our subjects
    • Academic departments
    • Visiting the university
    • Explore: get to know us
    • Upcoming events
    • Virtual tours
    • Chat to our students and staff
    • Open days
    • Applicant days
    • Order a prospectus
    • Ask a question
    • Studying here
    • Accommodation and locations
    • Applying
    • Undergraduate
    • Postgraduate
    • Transferring from another university
    • The Student Contract
    • Clearing
    • International students
    • Fees and finance
    • Advice and help
    • Advice for students
    • Advice for parents and carers
    • Advice for schools and teachers
    • Managing your application
    • Undergraduate
    • Postgraduate
    • Apprenticeships
  • Research
    • Research and knowledge exchange
    • Research and knowledge exchange organisation
    • The Global Challenges
    • Centres of Research Excellence (COREs)
    • Research Excellence Groups (REGs)
    • Our research database
    • Information for business
    • Community University Partnership Programme (CUPP)
    • Postgraduate research degrees
    • PhD research disciplines and programmes
    • PhD funding opportunities and studentships
    • How to apply for your PhD
    • Research environment
    • Investing in research careers
    • Strategic plan
    • Research concordat
    • News, events, publications and films
    • Featured research and knowledge exchange projects
    • Research and knowledge exchange news
    • Inaugural lectures
    • Research and knowledge exchange publications and films
    • Academic staff search
  • About us
  • Business and employers
  • Alumni, supporters and giving
  • Current students
  • Staff
  • Accessibility
Search our site

A multi-coloured mix of molecules, columns of numbers and radio waves, depicting modern communications and research into internet security.

Centre for Secure, Intelligent and Usable Systems
  • What we do
  • Join us for study, work or visit
  • Who we are
  • What we do
    • What we do
    • Security
    • Intelligence
    • Usability
    • Our research and enterprise projects
    • Our research and enterprise impact
  • Our research and enterprise projects
    • Our research and enterprise projects
    • EMPOWERCARE
    • 3D-COFORM
    • Accessible Reasoning with Diagrams
    • Adaptation of mobile and distributed systems
    • Automatic semantic analysis of 3D content in digital repositories
    • ChartEx
    • DEFeND Data governance for supporting GDPR
    • Engineering and Evolving Secure Software Systems
    • EPOCH
    • Hove Plinth - Place-based narratives
    • iV&L Net
    • Mesh saliency
    • MITIGATE
    • Real-time automatic label detection on food trays
    • Real-time interactive image segmentation
    • Secure Tropos
    • SESAME
    • The VisiOn project
    • Word sketches
  • Secure Tropos

Secure Tropos

The common approach towards the inclusion of security within a software system is to identify security requirements after the definition of a system. This typically means that security enforcement mechanisms have to be fitted into a pre-existing design, leading to serious design challenges that usually translate into the emergence of computer systems afflicted with security vulnerabilities.

Moreover, security is traditionally approached as a technical issue that requires a technical solution. This treatment of security has led to the development of a number of security mechanisms and protocols that on one hand are successfully used in modern software systems but, on the other hand, have failed to ensure an acceptable degree of security.

Security of software systems has been transformed from a mono-dimensional technical issue to a two-dimensional issue that includes a technical dimension (related to challenges and problems associated to the available technology and the infrastructure of software systems) and a social dimension (which includes issues and problems related to the correct elicitation and analysis of security requirements and the involvement of humans in securing software systems). To effectively consider both dimensions, the research literature argues that it is essential for security to be considered from the early stages and throughout the software development lifecycle and a sound software engineering methodology needs to be developed that supports the simultaneous analysis of both dimensions of security.

Secure Tropos is a security-aware software systems development methodology, which combines requirements engineering concepts, such as actor, goal, plan together with security engineering concepts such as threat, security constraint and security mechanism, under a unified process to support the analysis and development of secure and trustworthy software systems.

Project aims

The project aimed to develop a software engineering methodology that incorporates security concerns in a structured and coherent way at all the stages of software systems design and development.

Project findings and impact

The original version of the methodology (2003-2013) was based on an adapted version of the i* language and the Tropos methodology development stages. Version 2 of the methodology (2013-) includes a number of enhancements such as a new streamlined security-aware process, a new set of security related concepts that enhance the security analysis, and a new set of techniques that enable automatic analysis of various security aspects of the system under development.

The methodology is supported by the SecTro tool, which supports the development of Secure Tropos models, it provides a set of analysis techniques and it enables the automatic generation of WORD and PDF files.

The SecTro is a comprehensive CASE tool, which supports the second version of Secure Tropos methodology. It is the second iteration of the dedicated tool which aims to be stable even with very large models, easy to use, provide automation and assistive features and build a solid base for future improvements.

  • All views of the same system are combined into single model for clutter-less management
  • Views are automatically synchronised between each other to ease the design process
  • Automatic model integrity checks are performed during modelling activities
  • Easy model sharing and documentation capabilities:
    • Models can be saved to various image formats
    • Models or parts of them can be sent to a printer
    • Recently introduced report generation allows exporting model reports as Word and PDF formats
  • Models can be analysed running several analysis methods (e.g. Security Constraints analysis, Threat mitigation analysis)
  • The Design Pattern Library (DPL) add-on allows capturing meaningful parts of models and reusing them later:
    • Automated design pattern insertion into currently open model/view
    • Design patterns can be chained into meaningful sets
    • Design patterns can be exported and imported as XML file for easy sharing
    • Each saved design pattern comes with a graphical representation
  • Models can be exported into XML file:
    • Default XML export mode (i.e. all data from the model)
    • Transformed to a required XML structure by supplying XSLT file. XSLT files can be saved in the SecTro2 database and reused any time

Research team

Professor Haris Mouratidis

Dr Michalis Pavlidis

Nikos Argyropoulos

Shaun Shei 

Output

SecTro 2 v2.0 user manual

SecTro 2 v2.0 installation guide

Download the SecTro 2 software

Partners

Back to top
  • Facebook
  • Twitter
  • Instagram
  • TikTok
  • YouTube
  • LinkedIn icon

Contact us

University of Brighton
Mithras House
Lewes Road
Brighton
BN2 4AT

Main switchboard 01273 600900

Course enquiries

Sign up for updates

University contacts

Report a problem with this page

Quick links Quick links

  • Courses
  • Open days
  • Order a prospectus
  • Academic departments
  • Academic staff
  • Professional services departments
  • Jobs
  • Privacy and cookie policy
  • Accessibility statement
  • Libraries
  • Term dates
  • Maps
  • Graduation
  • Site information
  • Online shop
  • COVID-19

Information for Information for

  • Current students
  • International students
  • Media/press
  • Careers advisers/teachers
  • Parents/carers
  • Business/employers
  • Alumni/supporters
  • Suppliers
  • Local residents