Fuzzy-based security requirements quality assessing: Comparison of security experts and generative AI

Key Points

• Quality assessment of security requirements reveals differing interpretations between human experts and AI.
• Security experts scored 15% higher than generative AI on average in assessing security requirements.
• Fuzzy logic-based framework was utilized for evaluating the quality of security assessments provided by both parties.
• The findings highlight the potential need for integrating human oversight in AI-driven assessments to enhance reliability.