Abstract: Techniques for automated system requirements analysis are disclosed. A system requirements analysis (SRA) service generates a system model that includes system requirements, at least by performing natural-language processing on a natural-language representation of the system requirements. Based at least on the system model, the SRA service performs an analysis of the system requirements against codified system requirements rules. The SRA service determines, based at least on the analysis of the system requirements against the codified system requirements rules, that the system requirements include a violation of a system requirements rule. The SRA service generates a report that identifies at least (a) the violation of the system requirements rule and (b) a suggested action to remediate the violation of the system requirements rule.

Abstract: Techniques for automated system requirements analysis are disclosed. A system requirements analysis (SRA) service generates a system model that includes system requirements, at least by performing natural-language processing on a natural-language representation of the system requirements. Based at least on the system model, the SRA service performs an analysis of the system requirements against codified system requirements rules. The SRA service determines, based at least on the analysis of the system requirements against the codified system requirements rules, that the system requirements include a violation of a system requirements rule. The SRA service generates a report that identifies at least (a) the violation of the system requirements rule and (b) a suggested action to remediate the violation of the system requirements rule.

Abstract: Techniques for automated system requirements analysis are disclosed. A system requirements analysis (SRA) service generates a system model that includes system requirements, at least by performing natural-language processing on a natural-language representation of the system requirements. Based at least on the system model, the SRA service performs an analysis of the system requirements against codified system requirements rules. The SRA service determines, based at least on the analysis of the system requirements against the codified system requirements rules, that the system requirements include a violation of a system requirements rule. The SRA service generates a report that identifies at least (a) the violation of the system requirements rule and (b) a suggested action to remediate the violation of the system requirements rule.

Abstract: A method of performing a security assessment of a system includes analyzing a static structure of the system; storing, in a semantic system model, structure information about the static structure of the system; observing the system during a plurality of discrete temporal system states; storing, in the semantic system model, dynamic information about the system during the plurality of discrete temporal system states; performing a semantic composition analysis on the structure information to identify at least one vulnerability of the system; performing a flow analysis on the dynamic information to identify at least one anomalous behavior of the system during at least one of the plurality of discrete temporal system states; and generating, based on the at least one vulnerability of the system and the at least one anomalous behavior of the system, a vulnerability assessment of the system.

Abstract: Techniques for automated system requirements analysis are disclosed. A system requirements analysis (SRA) service generates a system model that includes system requirements, at least by performing natural-language processing on a natural-language representation of the system requirements. Based at least on the system model, the SRA service performs an analysis of the system requirements against codified system requirements rules. The SRA service determines, based at least on the analysis of the system requirements against the codified system requirements rules, that the system requirements include a violation of a system requirements rule. The SRA service generates a report that identifies at least (a) the violation of the system requirements rule and (b) a suggested action to remediate the violation of the system requirements rule.

Abstract: A method of performing a security assessment of a system includes analyzing a static structure of the system; storing, in a semantic system model, structure information about the static structure of the system; observing the system during a plurality of discrete temporal system states; storing, in the semantic system model, dynamic information about the system during the plurality of discrete temporal system states; performing a semantic composition analysis on the structure information to identify at least one vulnerability of the system; performing a flow analysis on the dynamic information to identify at least one anomalous behavior of the system during at least one of the plurality of discrete temporal system states; and generating, based on the at least one vulnerability of the system and the at least one anomalous behavior of the system, a vulnerability assessment of the system.