Eric S. K. Yu

From object-oriented to goal-oriented requirements analysis

were proposed more than 10 years ago. The Object-Oriented Systems Analysis (OOSA) technique [12] adopts the Entity-Relationship (ER) model to capture the declarative aspects of a software system. This was soon followed by two new proposals, Object-Oriented Analysis [3] and the Object-Oriented Modeling Technique (OMT) [11], which support the modeling of declarative, behavioral as well as interactive aspects of a software system. Today, there are dozens of like-minded techniques and commercial tools founded on the OO way of thinking that support development from requirements analysis to implementation. Indeed, the great promise of OOA is that the whole software development process can be streamlined and simplified by having the same building blocks (objects, classes, methods, messages, inheritance and the like) used in all phases of development, from requirements to implementation. A recent proposal, the Unified Modeling Language (UML)—see www.rational. com/uml—attempts to integrate features of the more preeminent models in OOA, thereby enhancing reusability and consolidating the growing OOA market. Why is OOA popular? In a nutshell, because it significantly advances the state of practice in requirements modeling. The pracThe growing influence of object-oriented programming on programming practice

Security and privacy requirements analysis within a social setting

Security issues for software systems ultimately concern relationships among social actors stakeholders, system users, potential attackers - and the software acting on their behalf. We propose a methodological framework for dealing with security and privacy requirements based on i*, an agent-oriented requirements modeling language. The framework supports a set of analysis techniques. In particular, attacker analysis helps identify potential system abusers and their malicious intents. Dependency vulnerability analysis helps detect vulnerabilities in terms of organizational relationships among stakeholders. Countermeasure analysis supports the dynamic decision-making process of defensive system players in addressing vulnerabilities and threats. Finally, access control analysis bridges the gap between security requirement models and security implementation models. The framework is illustrated with an example involving security and privacy concerns in the design of agent-based health information systems. In addition, we discuss model evaluation techniques, including qualitative goal model analysis and property verification techniques based on model checking.

Conceptual Modeling: Foundations and Applications

Dear readers, when you are hunting the new book collection to read this day, conceptual modeling foundations and applications essays in honor of john mylopoulos can be your referred book. Yeah, even many books are offered, this book can steal the reader heart so much. The content and theme of this book really will touch your heart. You can find more and more experience and knowledge how the life is undergone.

From Non-Functional Requirements to Design through Patterns

Design patterns aid in documenting and communicating proven design solutions to recurring problems. They describe not only how to solve design problems, but also why a solution is chosen over others and what trade-offs are made. Non-functional requirements (NFRs) are pervasive in descriptions of design patterns. They play a crucial role in understanding the problem being addressed, the trade-offs discussed, and the design solution proposed. However, since design patterns are mostly expressed as informal text, the structure of the design reasoning is not systematically organised. This paper proposes a systematic treatment of NFRs in descriptions of patterns and when applying patterns during design. The approach organises, analyses and refines non-functional requirements, and provides guidance and reasoning support when applying patterns during the design of a software system. Three design patterns taken from the literature are used to illustrate this approach.

Ontologies for Knowledge Management: An Information Systems Perspective

Knowledge management research focuses on concepts, methods, and tools supporting the management of human knowledge. The main objective of this paper is to survey basic concepts that have been used in computer science for the representation of knowledge and summarize some of their advantages and drawbacks. A secondary objective is to relate these techniques to information science theory and practice.The survey classifies the concepts used for knowledge representation into four broad ontological categories. Static ontologies describe static aspects of the world, i.e., what things exist, their attributes and relationships. A dynamic ontology, on the other hand, describes the changing aspects of the world in terms of states, state transitions and processes. Intentional ontologies encompass the world of things agents believe in, want, prove or disprove, and argue about. Finally, social ontologies cover social settings – agents, positions, roles, authority, permanent organizational structures or shifting networks of alliances and interdependencies.

Exploring alternatives during requirements analysis

Goal-oriented requirements analysis techniques provide ways to refine organizational and technical objectives, to more effectively explore alternatives during requirements definition. After selecting a set of alternatives to achieve these objectives, you can elaborate on them during subsequent phases to make them more precise and complete. The authors argue that goal-oriented analysis complements and strengthens traditional requirements analysis techniques by offering a means for capturing and evaluating alternative ways of meeting business goals. They detail the five main steps that comprise goal-oriented analysis. These steps include goal analysis, softgoal analysis, softgoal correlation analysis, goal correlation analysis, and evaluation of alternatives. To illustrate the main elements of the proposed analysis technique, they explore a typical scenario that involves defining requirements for a meeting scheduling system.

Social Modeling and i

Many different types of models are used in various scientific and engineering fields, reflecting the subject matter and the kinds of understanding that is sought in each field. Conceptual modeling techniques in software and information systems engineering have in the past focused mainly on describing and analyzing behaviours and structures that are implementable in software. As software systems become ever more complex and densely intertwined with the human social environment, we need models that reflect the social characteristics of complex systems. This chapter reviews the approach taken by the i* framework, highlights its application in several areas, and outlines some open research issues.

On Goal-based Variability Acquisition and Analysis

We introduce a variability-intensive approach to goal decomposition that is tailored to support requirements identification for highly customizable software. The approach is based on the semantic characterization of OR-decompositions of goals. We first show that each high-level goal can be associated with a set of concerns, in response to which, alternative refinements of the goal can be introduced. A text corpus relevant to the domain of discourse can be used to derive such variability concerns that are specific to the problem. In parallel, contextual facts that can vary while a goal is being fulfilled are modeled. Then, a high-variability goal model is constructed aiming at responding to the predefined variability concerns completely, while contextual factors are used to test whether it addresses all realistic background circumstances. We apply our approach in a study from the geriatric health care domain

FROM E-R TO “A-R” — MODELLING STRATEGIC ACTOR RELATIONSHIPS FOR BUSINESS PROCESS REENGINEERING

As information systems are increasingly expected to work with humans cooperatively in complex organizational contexts, conceptual modelling techniques need to be extended to relate information structures and processes to business and organizational objectives. We propose a framework which focuses on the modelling of strategic actor relationships (“A-R”) for a richer conceptual model of business processes in their organizational settings. Organizations are viewed as being made up of social actors who are intentional — have motivations, wants, and beliefs — and strategic — they evaluate their relationships to each other in terms of opportunities and vulnerabilities. The framework supports formal modelling of the network of dependency relationships among actors, and the systematic exploration and assessment of alternative process designs in reengineering. The semantics of the modelling concepts are axiomatically characterized. By embedding the framework in the Telos language, the framework can also potential...

Modelling Trust for System Design Using the i* Strategic Actors Framework

The i*framework was developed to support requirement analysis and high-level design in an agent-oriented system development paradigm. It models intentional dependency relationships among strategic actors and their rationales. As actors depend on each other for goals to be achieved, tasks to be performed, and resources to be furnished, the trust relationships among these actors need to be considered to reason about the opportunities and vulnerabilities these dependencies bring. The concept of softgoal is used to model quality attributes for which there are no a priori, clear-cut criteria for satisfaction, but are judged by actors as being sufficiently met (≪satisficed≫) on a case-by-case basis. In this paper, trustworthiness is treated as a softgoal to be satisficed from the viewpoint of each stakeholder. Contributions to trustworthiness are considered using a qualitative reasoning approach. Examples from the smart card domain are used to illustrate.