Topics addressed by ESPRE are those which will promote discussion about advancing Security & Privacy Requirements Engineering. These include, but are not excluded to:
- Security and privacy requirements elicitation and analysis
- Identification and management of all stakeholders (including attackers)
- Modelling multilateral stakeholder perspectives on security and privacy
- Scalability of security requirements engineering approaches
- Modelling of domain knowledge for security and privacy requirements
- Ontologies for security and privacy requirements engineering
- Security and privacy requirements engineering processes
- Evolution of security and privacy requirements
- Security requirements-based testing
- Consideration of legal compliance during security & privacy requirements engineering
- Use of requirements engineering to create security and privacy standard-compliant software
- Modelling of trust and risk
- Validation and verification of security and privacy requirements
- Teaching and training in security and privacy requirements engineering
- The role of security and privacy requirements engineering to support design innovation
- Positive (and especially negative) lessons learned applying security and requirements engineering in practice