CAIRIS (Computer Aided Integration of Requirements and Information Security) is a Requirements Management tool for specifying secure and usable systems. CAIRIS was built from the ground-up to support the elements necessary for usability, requirements, and risk analysis. CAIRIS features include:
Automatic visualisation of models – including KAOS goal and obstacle models – and traceability between goal, requirements, security, and usability model elements
Support for entering and managing usability data, such as personas, tasks, and use cases
Support for entering, managing, and visualising risk analysis data.
Support for specifying attack patterns to reason about potential attacks.
The ability to import architectural patterns to automatically derive attack surface metrics based on them.
Automatic visualisation of models, and quantitative/qualitative scoring of security and usability data
Automatic document generation of a VOLERE compliant requirements specification.
CAIRIS should run on any platform that its open source dependencies run on. This includes most flavours of Linux.