Security is an important aspect of embedded systems design. The characteristics of embedded systems give rise to a number of novel vulnerabilities. A variety of different solutions are being developed to address these security problems and hence why and how security requirements engineering must be adapted or developed for different approaches have to be studied.This paper presents a systematic review of the current use of requirements engineering activities for the security of embedded systems.8 papers from the last decade have been reviewed from an initial set of 51 papers. The results show that although Security Domain Models techniques are used to a great extent with partitioning methodologies, at the requirements level most Security Domain Models approaches for embedded systems use only partially defined requirements models or even natural language. We additionally identify several research gaps such as a need for more efforts to explicitly deal with requirements traceability and providing a better tool support.
Key words: model-driven engineering, security requirements engineering, embedded systems, computer security, design methodologies, component architecture, and systematic review.