Traditionally, safety-critical projects have been developed using the waterfall process. However, this makes it costly and challenging to incrementally introduce new features and to certify the modified product for use. As a result, there has been increasing interest in adopting agile development paradigms within the safety-critical domain. This in turn introduces numerous challenges. In this paper we address the specific problems of discovering, analyzing, specifying, and managing safety requirements within the agile Scrum process. We propose SafetyScrum, a methodology that augments the Scrum lifecycle with incrementally applied safety-related activities and introduces the notion of "safety debt" for incrementally tracking the current safety status of a project. We demonstrate the viability of SafetyScrum for managing safety stories in an agile development environment by applying it to a project in which our existing Unmanned Aerial Vehicle system is enhanced to support a River-Rescue scenario.
{"title":"Discovering, Analyzing, and Managing Safety Stories in Agile Projects","authors":"J. Cleland-Huang, Michael Vierhauser","doi":"10.1109/RE.2018.00034","DOIUrl":"https://doi.org/10.1109/RE.2018.00034","url":null,"abstract":"Traditionally, safety-critical projects have been developed using the waterfall process. However, this makes it costly and challenging to incrementally introduce new features and to certify the modified product for use. As a result, there has been increasing interest in adopting agile development paradigms within the safety-critical domain. This in turn introduces numerous challenges. In this paper we address the specific problems of discovering, analyzing, specifying, and managing safety requirements within the agile Scrum process. We propose SafetyScrum, a methodology that augments the Scrum lifecycle with incrementally applied safety-related activities and introduces the notion of \"safety debt\" for incrementally tracking the current safety status of a project. We demonstrate the viability of SafetyScrum for managing safety stories in an agile development environment by applying it to a project in which our existing Unmanned Aerial Vehicle system is enhanced to support a River-Rescue scenario.","PeriodicalId":445032,"journal":{"name":"2018 IEEE 26th International Requirements Engineering Conference (RE)","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126350619","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Fatma Başak Aydemir, F. Dalpiaz, S. Brinkkemper, P. Giorgini, J. Mylopoulos
Context. Goal models have long been critiqued for the time it takes to construct them as well as for their limited cognitive and visual scalability. Is such criticism general or does it depend on the supported task? Objectives. We advocate for the latter and the aim of this paper is to demonstrate that the next release problem is a suitable application domain for goal models. This hypothesis stems from the fact that product release management is a long-term investment, and software products are commonly managed in "themes" which are smaller focus areas of the product. Methods. We employ a version of goal models that is tailored for the next release problem by capturing requirements, synergies among them, constraints, and release objectives. Such goal model allows discovering optimal solutions considering multiple criteria for the next release. Results. A retrospective case study confirms that goal models are easier to read and comprehend when organized in themes, and that the reasoning results help product managers decide for the next release. Our scalability experiments show that, through reasoning based on optimization modulo theories, the discovery of the optimal solution is fast and scales sufficiently well with respect to the model size, connectivity, and number of alternative solutions.
{"title":"The Next Release Problem Revisited: A New Avenue for Goal Models","authors":"Fatma Başak Aydemir, F. Dalpiaz, S. Brinkkemper, P. Giorgini, J. Mylopoulos","doi":"10.1109/RE.2018.00-56","DOIUrl":"https://doi.org/10.1109/RE.2018.00-56","url":null,"abstract":"Context. Goal models have long been critiqued for the time it takes to construct them as well as for their limited cognitive and visual scalability. Is such criticism general or does it depend on the supported task? Objectives. We advocate for the latter and the aim of this paper is to demonstrate that the next release problem is a suitable application domain for goal models. This hypothesis stems from the fact that product release management is a long-term investment, and software products are commonly managed in \"themes\" which are smaller focus areas of the product. Methods. We employ a version of goal models that is tailored for the next release problem by capturing requirements, synergies among them, constraints, and release objectives. Such goal model allows discovering optimal solutions considering multiple criteria for the next release. Results. A retrospective case study confirms that goal models are easier to read and comprehend when organized in themes, and that the reasoning results help product managers decide for the next release. Our scalability experiments show that, through reasoning based on optimization modulo theories, the discovery of the optimal solution is fast and scales sufficiently well with respect to the model size, connectivity, and number of alternative solutions.","PeriodicalId":445032,"journal":{"name":"2018 IEEE 26th International Requirements Engineering Conference (RE)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132266108","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Socio-cyber-physical systems (SCPSs) are cyber-physical systems (CPSs) with a socio-technical system (STS) aspect. Several SCPSs need to adapt dynamically to changing situations in order to reach an optimal symbiosis with users in their contexts. Tailoring requirements engineering activities and modeling techniques is needed for developing SCPSs and supporting their runtime adaptability. The proposed thesis aims to combine a common way of modeling STSs (i.e., goal modeling with the Goal-oriented Requirement Language – GRL) to a conventional way of modeling CPSs (i.e., SysML and feature models) in order to integrate social concepts early in SCPS requirements, design, simulation, and implementation activities. To help guarantee system quality and compliance during both design time and runtime adaptations, the thesis proposes to translate goal and feature models to mathematical functions used to validate possible design and adaptation alternatives both during simulations at design time and adaptations at runtime. These functions can be used outside goal modeling tools and be combined to SysML models, simulations, problem solvers, and implementation tools. Furthermore, an integration between GRL and SysML models via a third-party requirements management system is proposed in order to strengthen system traceability and help ensure that stakeholder goals were considered properly during the SCPS development process.
{"title":"Modeling Adaptive Socio-Cyber-Physical Systems with Goals and SysML","authors":"A. Anda","doi":"10.1109/RE.2018.00059","DOIUrl":"https://doi.org/10.1109/RE.2018.00059","url":null,"abstract":"Socio-cyber-physical systems (SCPSs) are cyber-physical systems (CPSs) with a socio-technical system (STS) aspect. Several SCPSs need to adapt dynamically to changing situations in order to reach an optimal symbiosis with users in their contexts. Tailoring requirements engineering activities and modeling techniques is needed for developing SCPSs and supporting their runtime adaptability. The proposed thesis aims to combine a common way of modeling STSs (i.e., goal modeling with the Goal-oriented Requirement Language – GRL) to a conventional way of modeling CPSs (i.e., SysML and feature models) in order to integrate social concepts early in SCPS requirements, design, simulation, and implementation activities. To help guarantee system quality and compliance during both design time and runtime adaptations, the thesis proposes to translate goal and feature models to mathematical functions used to validate possible design and adaptation alternatives both during simulations at design time and adaptations at runtime. These functions can be used outside goal modeling tools and be combined to SysML models, simulations, problem solvers, and implementation tools. Furthermore, an integration between GRL and SysML models via a third-party requirements management system is proposed in order to strengthen system traceability and help ensure that stakeholder goals were considered properly during the SCPS development process.","PeriodicalId":445032,"journal":{"name":"2018 IEEE 26th International Requirements Engineering Conference (RE)","volume":"35 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131994936","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Security requirements elicitation is considered a "wicked" problem. Open issues such as determining relevant set of secure requirements, uncertainty and poor decision-making by developers deserves the needed attention. Ontologies and recommender systems have been used in the requirements elicitation. The goals of this dissertation are to 1) develop an ontology-based collaborative recommender system to help with security requirements elicitation and conduct a system performance evaluation and 2) conduct user-centric study of stakeholders using the recommender system. This system will help recommend CAPEC/CWE that should be considered in a given system to be built based on the use case description and so doing will reduce the workload of eliciting relevant security requirements. An analysis of the system performance and user-centric effects will be used to evaluate usefulness of the recommender system for developers.
{"title":"An Ontology Based Collaborative Recommender System for Security Requirements Elicitation","authors":"Imano Williams","doi":"10.1109/RE.2018.00060","DOIUrl":"https://doi.org/10.1109/RE.2018.00060","url":null,"abstract":"Security requirements elicitation is considered a \"wicked\" problem. Open issues such as determining relevant set of secure requirements, uncertainty and poor decision-making by developers deserves the needed attention. Ontologies and recommender systems have been used in the requirements elicitation. The goals of this dissertation are to 1) develop an ontology-based collaborative recommender system to help with security requirements elicitation and conduct a system performance evaluation and 2) conduct user-centric study of stakeholders using the recommender system. This system will help recommend CAPEC/CWE that should be considered in a given system to be built based on the use case description and so doing will reduce the workload of eliciting relevant security requirements. An analysis of the system performance and user-centric effects will be used to evaluate usefulness of the recommender system for developers.","PeriodicalId":445032,"journal":{"name":"2018 IEEE 26th International Requirements Engineering Conference (RE)","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116289437","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In practice, there is the trend towards the development of increasingly complex software ecosystems consisting of information as well as embedded systems. The development and evolution of such ecosystems is challenging because of the involvement of a multitude of organizations providing software or hardware components on the ecosystem's platform. Therefore, for the purpose of deriving requirements towards the future development of the ecosystem and its platform, the gaining of insights into the eco-system is crucial as well as difficult. In my research, I work on the creation of an understanding of information needs in the context of smart ecosystems to build dedicated representations that support the ecosystem evolution. In this paper, I present results of an initial consideration of related work and give an outline of my planned future research including expected contributions, along with a summary of the status of the work done so far.
{"title":"Decision Support for Smart Ecosystem Evolution","authors":"Matthias Koch","doi":"10.1109/RE.2018.00064","DOIUrl":"https://doi.org/10.1109/RE.2018.00064","url":null,"abstract":"In practice, there is the trend towards the development of increasingly complex software ecosystems consisting of information as well as embedded systems. The development and evolution of such ecosystems is challenging because of the involvement of a multitude of organizations providing software or hardware components on the ecosystem's platform. Therefore, for the purpose of deriving requirements towards the future development of the ecosystem and its platform, the gaining of insights into the eco-system is crucial as well as difficult. In my research, I work on the creation of an understanding of information needs in the context of smart ecosystems to build dedicated representations that support the ecosystem evolution. In this paper, I present results of an initial consideration of related work and give an outline of my planned future research including expected contributions, along with a summary of the status of the work done so far.","PeriodicalId":445032,"journal":{"name":"2018 IEEE 26th International Requirements Engineering Conference (RE)","volume":"248 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116391983","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Venkatesh T. Dhinakaran, Raseshwari Pulle, Nirav Ajmeri, Pradeep K. Murukannaiah
Automated app review analysis is an important avenue for extracting a variety of requirements-related information. Typically, a first step toward performing such analysis is preparing a training dataset, where developers (experts) identify a set of reviews and, manually, annotate them according to a given task. Having sufficiently large training data is important for both achieving a high prediction accuracy and avoiding overfitting. Given millions of reviews, preparing a training set is laborious. We propose to incorporate active learning, a machine learning paradigm, in order to reduce the human effort involved in app review analysis. Our app review classification framework exploits three active learning strategies based on uncertainty sampling. We apply these strategies to an existing dataset of 4,400 app reviews for classifying app reviews as features, bugs, rating, and user experience. We find that active learning, compared to a training dataset chosen randomly, yields a significantly higher prediction accuracy under multiple scenarios.
{"title":"App Review Analysis Via Active Learning: Reducing Supervision Effort without Compromising Classification Accuracy","authors":"Venkatesh T. Dhinakaran, Raseshwari Pulle, Nirav Ajmeri, Pradeep K. Murukannaiah","doi":"10.1109/RE.2018.00026","DOIUrl":"https://doi.org/10.1109/RE.2018.00026","url":null,"abstract":"Automated app review analysis is an important avenue for extracting a variety of requirements-related information. Typically, a first step toward performing such analysis is preparing a training dataset, where developers (experts) identify a set of reviews and, manually, annotate them according to a given task. Having sufficiently large training data is important for both achieving a high prediction accuracy and avoiding overfitting. Given millions of reviews, preparing a training set is laborious. We propose to incorporate active learning, a machine learning paradigm, in order to reduce the human effort involved in app review analysis. Our app review classification framework exploits three active learning strategies based on uncertainty sampling. We apply these strategies to an existing dataset of 4,400 app reviews for classifying app reviews as features, bugs, rating, and user experience. We find that active learning, compared to a training dataset chosen randomly, yields a significantly higher prediction accuracy under multiple scenarios.","PeriodicalId":445032,"journal":{"name":"2018 IEEE 26th International Requirements Engineering Conference (RE)","volume":"51 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116426910","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
A. Moitra, Kit Siu, A. Crapo, H. R. Chamarthi, Michael Durling, Meng Li, Han Yu, P. Manolios, Michael Meiners
Writing requirements is no easy task. Common problems include ambiguity in statements, specifications at the wrong level of abstraction, statements with inconsistent references to types, conflicting requirements, and incomplete requirements. These pitfalls lead to errors being introduced early in the design process. The longer the gap between error introduction and error discovery, the higher the cost associated with the error. To address the growing cost of system development, we introduce a tool called ASSERT" (Analysis of Semantic Specifications and Efficient generation of Requirements-based Tests) for capturing requirements, backed by a formal requirements analysis engine. ASSERT" also automatically generates a complete set of requirements-based test cases. Capturing requirements in an unambiguous way and then formally analyzing them with an automated theorem prover eliminates errors as soon as requirements are written. It also addresses the historical problem that analysis engines are hard to use for someone without formal methods expertise and analysis results are often difficult for the end-user to understand and make actionable. ASSERT"'s major contribution is to bring powerful requirements capture and analysis capability to the domain of the end-user. We provide explainable and automated formal analysis, something we found important for a tool's adoptability in industry.
{"title":"Towards Development of Complete and Conflict-Free Requirements","authors":"A. Moitra, Kit Siu, A. Crapo, H. R. Chamarthi, Michael Durling, Meng Li, Han Yu, P. Manolios, Michael Meiners","doi":"10.1109/RE.2018.00036","DOIUrl":"https://doi.org/10.1109/RE.2018.00036","url":null,"abstract":"Writing requirements is no easy task. Common problems include ambiguity in statements, specifications at the wrong level of abstraction, statements with inconsistent references to types, conflicting requirements, and incomplete requirements. These pitfalls lead to errors being introduced early in the design process. The longer the gap between error introduction and error discovery, the higher the cost associated with the error. To address the growing cost of system development, we introduce a tool called ASSERT\" (Analysis of Semantic Specifications and Efficient generation of Requirements-based Tests) for capturing requirements, backed by a formal requirements analysis engine. ASSERT\" also automatically generates a complete set of requirements-based test cases. Capturing requirements in an unambiguous way and then formally analyzing them with an automated theorem prover eliminates errors as soon as requirements are written. It also addresses the historical problem that analysis engines are hard to use for someone without formal methods expertise and analysis results are often difficult for the end-user to understand and make actionable. ASSERT\"'s major contribution is to bring powerful requirements capture and analysis capability to the domain of the end-user. We provide explainable and automated formal analysis, something we found important for a tool's adoptability in industry.","PeriodicalId":445032,"journal":{"name":"2018 IEEE 26th International Requirements Engineering Conference (RE)","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131973430","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Jéssyka Vilela, J. Castro, L. E. G. Martins, T. Gorschek
Context: Requirements issues tend to be mitigated in organizations with high process maturity levels since they do their business in a systematic, consistent and proactive approach. In a Safety-Critical System (SCS), requirements problems have been associated with accidents and safety incidents. Objective: This work investigates which safety practices/actions are suitable to be used in the Requirements Engineering (RE) process of SCS and how to design a safety maturity model for this area. Method: we adopted different empirical techniques to propose Uni-REPM SCS, which consists of a safety module to be included in the Unified Requirements Engineering Process Maturity Model (Uni-REPM). Results: The safety module has seven main processes, 14 sub-processes and 148 safety actions describing principles and practices that form the basis of safety processes maturity. Conclusions: Preliminary validation with two practitioners and nine academic experts indicates that the safety module can help organizations to evaluate their current safety practices with respect to their RE process. Moreover, it also offers a step-wise improvement strategy to raise their safety maturity level.
{"title":"Assessment of Safety Processes in Requirements Engineering","authors":"Jéssyka Vilela, J. Castro, L. E. G. Martins, T. Gorschek","doi":"10.1109/RE.2018.00-25","DOIUrl":"https://doi.org/10.1109/RE.2018.00-25","url":null,"abstract":"Context: Requirements issues tend to be mitigated in organizations with high process maturity levels since they do their business in a systematic, consistent and proactive approach. In a Safety-Critical System (SCS), requirements problems have been associated with accidents and safety incidents. Objective: This work investigates which safety practices/actions are suitable to be used in the Requirements Engineering (RE) process of SCS and how to design a safety maturity model for this area. Method: we adopted different empirical techniques to propose Uni-REPM SCS, which consists of a safety module to be included in the Unified Requirements Engineering Process Maturity Model (Uni-REPM). Results: The safety module has seven main processes, 14 sub-processes and 148 safety actions describing principles and practices that form the basis of safety processes maturity. Conclusions: Preliminary validation with two practitioners and nine academic experts indicates that the safety module can help organizations to evaluate their current safety practices with respect to their RE process. Moreover, it also offers a step-wise improvement strategy to raise their safety maturity level.","PeriodicalId":445032,"journal":{"name":"2018 IEEE 26th International Requirements Engineering Conference (RE)","volume":"105 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126921660","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
A System of Systems (SoS) is a term used to describe independent systems converging for a purpose that could only be carried out through this interdependent collaboration. Many examples of SoSs exist, but the term has become a source of confusion across domains. Moreover, there are few illustrative SoS examples demonstrating their initial classification and structure. While there are many approaches for engineering of systems, less exist for SoS engineering. More specifically, there is a research gap towards approaches addressing SoS security risk assessment for engineering and operational needs, with a need for tool-support to assist modelling and visualising security risk and requirements in an interconnected SoS. From this, security requirements can provide a systematic means to identify constraints and related risks of the SoS, mitigated by human-user and system requirements. This work investigates specific challenges and current approaches for SoS security and risk, and aims to identify the alignment of SoS factors and concepts suitable for eliciting, analysing, validating risks with use of a tool-support for assessing security risk in the SoS context.
{"title":"Assessing Security Risk and Requirements for Systems of Systems","authors":"Duncan Ki-Aries","doi":"10.1109/RE.2018.00061","DOIUrl":"https://doi.org/10.1109/RE.2018.00061","url":null,"abstract":"A System of Systems (SoS) is a term used to describe independent systems converging for a purpose that could only be carried out through this interdependent collaboration. Many examples of SoSs exist, but the term has become a source of confusion across domains. Moreover, there are few illustrative SoS examples demonstrating their initial classification and structure. While there are many approaches for engineering of systems, less exist for SoS engineering. More specifically, there is a research gap towards approaches addressing SoS security risk assessment for engineering and operational needs, with a need for tool-support to assist modelling and visualising security risk and requirements in an interconnected SoS. From this, security requirements can provide a systematic means to identify constraints and related risks of the SoS, mitigated by human-user and system requirements. This work investigates specific challenges and current approaches for SoS security and risk, and aims to identify the alignment of SoS factors and concepts suitable for eliciting, analysing, validating risks with use of a tool-support for assessing security risk in the SoS context.","PeriodicalId":445032,"journal":{"name":"2018 IEEE 26th International Requirements Engineering Conference (RE)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125702815","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: