🤖 AI Summary
High-level security properties (e.g., confidentiality, integrity) in the Software Development Life Cycle (SDLC) lack systematic refinement mechanisms, leading to semantic disconnects between these properties and concrete artifacts such as threats, defenses, and assets.
Method: We propose the first SDLC-wide security property refinement taxonomy, implemented as a formal, refinable, verifiable, and traceable classification framework in Event-B. The framework integrates principles from security engineering and adaptive systems theory.
Contribution: It bridges the semantic gap between high-level security objectives and mid-to-low-level security models, enabling security properties to co-evolve with threat and defense models. Rigorous verification in Event-B ensures the framework's logical consistency and correctness. It provides both theoretically sound foundations and practically actionable guidance for security-requirements-driven system development.
📝 Abstract
Confidentiality, integrity, availability, authenticity, authorization, and accountability are known as security properties that secure systems should preserve. They are usually considered the final security goals that system development activities achieve, either directly or indirectly. However, these security properties are mainly elicited in the high-level requirement phase of the System Development Life Cycle (SDLC) and are not refined through the later phases the way other artifacts such as attacks, defenses, and system assets are. To align the refinement of security properties with the refinement of attacks, defenses, and system assets, we propose an SDLC taxonomy of security properties that may be used in a self-adaptive context, and we present the methodology for defining it. To verify and check the correctness of the resulting taxonomy, we use the Event-B formal language.