Abstract
Security is of great importance for software intensive systems. Security incidents become more and more frequent in the last few years. Such incidents can lead to substantial damage, not only financially, but also in term of reputation loss. The security of a software system can be compromised by threats, which may harm assets with a certain likelihood, thus constituting a risk. All such risks should be identified, and unacceptable risks should be reduced. The task of dealing with risks is called risk management and should be performed right from the beginning of the software development process. Security requirements can be used to address security aspects during requirements engineering. We propose a risk-based method to elicit security requirements based on functional requirements. Our method complies to the ISO 27005 standard for security risk management. We provide guidance for all steps of that process, and the results are collected in a model. We also define validation conditions to support the identification of errors when carrying out the process as early as possible.