Measuring Satisfaction of Security Requirements Using Fuzzy Soft Set Theory

Dyala Ibrahim; Omar Isam Al Mrayat; Lial Raja Alzabin; Ahmad Alajarmeh; Ahmad Reda  Alzighaibi; Hasan Hashim; El-Sayed  Atlam; Malik Jawarneh

doi:10.47852/bonviewJCCE52026871

Authors

Dyala Ibrahim Department of Cyber Security, Amman Arab University, Jordan https://orcid.org/0000-0002-5216-5769
Omar Isam Al Mrayat Department of Software Engineering, Amman Arab University, Jordan https://orcid.org/0009-0003-0459-8185
Lial Raja Alzabin Department of Computer Science, Amman Arab University, Jordan https://orcid.org/0000-0003-3365-7263
Ahmad Alajarmeh Department of Data Science and Artificial Intelligence, Amman Arab University, Jordan https://orcid.org/0009-0000-7042-5491
Ahmad Reda Alzighaibi Department of Information Systems, Taibah University, Saudi Arabia
Hasan Hashim Department of Information Systems, Taibah University, Saudi Arabia
El-Sayed Atlam Department of Computer Science, Taibah University, Saudi Arabia and Department of Computer Science, Tanta University, Egypt https://orcid.org/0000-0002-4728-590X
Malik Jawarneh Department of Computer Science, Amman Arab University, Jordan

DOI:

https://doi.org/10.47852/bonviewJCCE52026871

Keywords:

security requirements, software development, software engineers, software systems, software vulnerabilities

Abstract

In recent years, a range of innovative approaches have been developed to tackle decision-making challenges more effectively. These approaches include concepts such as probability theory, fuzzy set theory, intuitionistic fuzzy sets, vague sets, interval mathematics, and rough set theory. These tools each offer unique approaches to managing uncertainty and imprecision, which are common when working with complex systems. One major issue in software development is failure to meet security requirements. This can be caused by a variety of factors, such as unclear security specifications, evolving threat landscapes, or gaps in communication among stakeholders. To address this persistent problem, this paper introduces a new method designed to quantify security requirements more accurately and streamline the decision-making process for assessing security risks. This approach is based on fuzzy soft set theory, which allows for more flexible and precise handling of uncertain or ambiguous information. By using this method, software engineers and security professionals can gain a clearer understanding of security risks and make better-informed decisions when building secure systems. To demonstrate the practical value of the proposed method, a case study is conducted to evaluate its effectiveness. The results of this case study suggest that security administrators can use this method to implement more targeted and efficient security measures, ensuring that the systems they develop are more resilient to potential threats.

Received: 20 July 2025 | Revised: 20 October 2025 | Accepted: 31 October 2025

Conflicts of Interest

The authors declare that they have no conflicts of interest to this work.

Data Availability Statement

Data are available from the corresponding author upon reasonable request.

Author Contribution Statement

Dyala Ibrahim: Conceptualization, Software, Resources, Data curation, Writing – review & editing, Supervision, Project administration. Omar Isam Al Mrayat: Conceptualization, Methodology, Software, Resources, Data curation, Writing – review & editing, Supervision, Project administration. Lial Raja Alzabin: Software, Resources, Data curation, Visualization. Ahmad Alajarmeh: Validation, Visualization. Ahmad Reda Alzighaibi: Validation, Formal analysis, Writing – original draft. Hasan Hashim: Investigation. El-Sayed Atlam: Investigation. Malik Jawarneh: Investigation.