CAIRIS (Computer Aided Integration of Requirements and Information Security) is a Requirements Management tool for specifying secure and usable systems. CAIRIS was built from the ground-up to support the elements necessary for usability, requirements, and risk analysis. CAIRIS features include:

• Support for KAOS goal and obstacle modelling, and traceability between goal, requirements, security, and usability model elements.
• Support for entering and managing usability data, such as personas, tasks, and use cases
• Support for entering and managing risk analysis data.
• Support for specifying attack patterns to reason about potential attacks.
• The ability to import architectural patterns to automatically derive attack surface metrics based on them.
• Automatic visualisation of models, and quantitative/qualitative scoring of security and usability data
• Automatic document generation of a VOLERE compliant requirements specification.

CAIRIS should run on most recent flavours of Linux. See the CAIRIS website for installation instructions and manual.