ArgueSecure

ArgueSecure is a set argumentation-based risk assessment tools aimed at documenting the rationale behind attacks identified and countermeasures selected as part of an informal, qualitative risk assessment:

• A lightweight Excel-based version.
• A Java version which is intended to be used during dedicated security requirements elicitation sessions. It is designed to be usable with a projector.
• An online version which in addition allows stakeholders and experts to engage in a risk assessmentin real-time without being in the same room and even without being available the same time.

All three tools share a similar way of encoding risk arguments, but have slightly different functionality, described on the GitHub pages (for the online and Java version) and in the spreadsheet (for the Excel-based version).

The ArgueSecure tools are products of research into qualitative information security risk assessment performed by Dan Ionita et al.:

• Argumentation-based security requirements elicitation: The next round
• ArgueSecure: Out-of-the-Box Security Risk Assessment