Security Engineering Process for Authentication and Lifecycle Management in OT

Description

Security engineering is an integral part of developing secure systems or components.
However, identifying relevant security requirements is a challenging task. This is
even true when standards and guidelines can be consulted. Extensive standards and
guidelines may add an extracted level of complexity since their general structure first
needs to be understood by the reader before relevant requirements can be extracted.
This thesis aims to assist the requirements engineer, or anyone interested in security
requirements, with identifying relevant requirements. This is done by introducing a
process flow that extracts requirements from a set of standards or guidelines given a
specific focus. This is done in a way that brings the requirements into a functional form
and associates them with extracted metadata.