The Unified Modeling Language (UML) is a widely used analysis and design language for developing object-oriented systems. A use case-driven approach is used to textually document requirements in the form of use cases. A use case diagram is used to provide a visual summary of use cases, actors and their relationships. Use case modeling is performed at the early stage of requirements elicitations, and any design defects in use case diagrams propagate to the later stages of software development. Therefore, it is crucial to develop quality use case models through the early detection of poor design decisions to improve the overall end-product quality. These poor design decisions are commonly referred to as “bad smells”, and taking the necessary measures to remove the bad smells is called “refactoring”.
Security is one of the important quality attributes that reflects the ability of a system to prevent malicious actions and loss of information. A basic aim of secure software is to prevent unauthorized access and the modification of information. The fulfillment of security requirements at the requirements level is imperative to minimize the cost of addressing the security issue at later stages of the software development life cycle.
Despite the importance of security in use case models, there exists no study that focused on identifying bad smells and the related refactoring opportunities in use case models to investigate the impact of model refactoring on the security quality of use case models. In particular, there is a need to develop detection and correction techniques to identify and mitigate security bad smells from use case models.