Pilipchuk, RomanSeifermann, StephanTaspolatoglu, Emre2017-09-262017-09-262017https://dl.gi.de/handle/20.500.12116/4699Information systems are subject to continuous change. In order to conduct empirical research on methods for software evolution, CoCoME was developed as a community-driven case study system. It is, however, not suitable for the validation of security-related approaches, as neither security nor privacy have been addressed in any evolution scenario. We elicited 53 secu- rity requirements coming from law, security guidelines and known threats. In this paper, we present three out of twelve security requirement categories including one representative requirement and share our experience in building the foundation for a security-oriented evolution scenario. Researchers in the field of secure software evolution can validate their approaches using this future evolution scenario.en0720-8928