Many business analysts and requirements engineers are at a loss when it comes to security requirements. Most of them have not received any training, and those who have been exposed to security mechanisms have only been given an overview. However, in today’s world of daily virus alerts, malicious software and malicious crackers, security requirements play an ever increasing role in software evaluation and selection.

The new "Security" RTP provides you with a collection of ready-to-use requirement templates, which you can import into Evaluation Specifications. Thus, the "Security" RTP lets you take advantage of our requirements knowledge base and helps you save time and effort.

Security requirements are functional requirements. By definition, functional requirements are associated with specific functions, tasks or behaviors the system must support.

The "Security" RTP contains the following kinds of requirements:

• Identification Requirements
• Authentication Requirements
• Authorization Requirements
• Immunity Requirements
• Integrity Requirements
• Intrusion Detection Requirements
• Non-repudiation Requirements
• Privacy Requirements
• Security Auditing Requirements
• Survivability Requirements
• Physical Protection Requirements
• System Maintenance Security Requirements

You will obtain a list of available Requirement Templates Packages (RTPs) when you select the 'Functional Requirement Templates' menu option in the Evaluation Specification Editor (ESEdit). If you have acquired a license for an RTP, you can right-click on the respective table row to open the RTP for viewing. Just use drag and drop to import requirement templates into your Evaluation Specification.

The RTP requires the Evaluator's Application Suite (EAS) Release 1.1, which is slated for April 2007.