Mohamed El-Attar

Empirical evaluation of optimization algorithms when used in goal-oriented automated test data generation techniques

Software testing is an essential process in software development. Software testing is very costly, often consuming half the financial resources assigned to a project. The most laborious part of software testing is the generation of test-data. Currently, this process is principally a manual process. Hence, the automation of test-data generation can significantly cut the total cost of software testing and the software development cycle in general. A number of automated test-data generation approaches have already been explored. This paper highlights the goal-oriented approach as a promising approach to devise automated test-data generators. A range of optimization techniques can be used within these goal-oriented test-data generators, and their respective characteristics, when applied to these situations remain relatively unexplored. Therefore, in this paper, a comparative study about the effectiveness of the most commonly used optimization techniques is conducted.

Improving the quality of use case models using antipatterns

Use case (UC) modeling is a popular requirements modeling technique. While these models are simple to create and read; this simplicity is often misconceived, leading practitioners to believe that creating high quality models is straightforward. Therefore, many low quality models that are inconsistent, incorrect, contain premature restrictive design decision and contain ambiguous information are produced. To combat this problem of creating low quality UC models, this paper presents a new technique that utilizes antipatterns as a mechanism for remedying quality problems in UC models. The technique, supported by the tool ARBIUM, provides a framework for developers to define antipatterns. The feasibility of the approach is demonstrated by applying it to a real-world system. The results indicate that applying the technique improves the overall quality and clarity of UC models.

Constructing high quality use case models: a systematic review of current practices

There is an increasing recognition for the need to develop high quality use case models from the professional and academic communities. Quality in use case models is of particular importance when they are utilized within a use case driven development process, whereby every aspect of development is driven by the models and influenced by their quality. Many practitioners and researchers have provided guidelines, suggestions and techniques to construct high quality use case models. This invaluable body of knowledge is disseminated across numerous literature resources. Without unifying this knowledge into one resource, it cannot be expected that a use case modeler would be fully aware of the entire body of knowledge and benefitting from it. This paper presents a systematic review that was conducted in order to identify and amalgamate this knowledge. The amalgamated knowledge is presented in a unified form, specifically as a set of 26 anti-patterns, which modelers can use to improve the quality of their models.

Producing robust use case diagrams via reverse engineering of use case descriptions

In a use case driven development process, a use case model is utilized by a development team to construct an object-oriented software system. The large degree of informality in use case models, coupled with the fact that use case models directly affect the quality of all aspects of the development process, is a very dangerous combination. Naturally, informal use case models are prone to contain problems, which lead to the injection of defects at a very early stage in the development cycle. In this paper, we propose a structure that will aid the detection and elimination of potential defects caused by inconsistencies present in use case models. The structure contains a small set of formal constructs that will allow use case models to be machine readable while retaining their readability by retaining a large degree of unstructured natural language. In this paper we also propose a process which utilizes the structured use cases to systematically generate their corresponding use case diagrams and vice versa. Finally a tool provides support for the new structure and the new process. To demonstrate the feasibility of this approach, a simple study is conducted using a mock online hockey store system.

A subject-based empirical evaluation of SSUCD's performance in reducing inconsistencies in use case models

The problem of inconsistencies in Use Case models has plagued practitioners over the years and has been a topic of interest for many researchers. In Use Case driven approaches, the damaging effects of inconsistencies escalate as inconsistencies have a detrimental influence on every aspect of the development process. The repercussions of inconsistencies have been well documented, but little progress has been made towards reducing and remedying their effects. This paper presents a controlled experiment, which evaluates the reduction of inconsistencies resulting from deploying a new structure called (Simple Structured Use Case Descriptions) SSUCD, which is used to assist with the development of Use Case descriptions. This experiment also investigates the impact of improving consistency amongst Use Case models on other key Use Case modeling quality attributes. The results of this experiment demonstrate that using SSUCD leads to an improvement in consistency between use case models and their associated descriptions.

Matching Antipatterns to Improve the Quality of Use Case Models

Use case modeling is an effective technique used to capture functional requirements. Use case models are mainly composed of textual descriptions written in natural language and simple diagrams that adhere to a few syntactic rules. This simplicity can be deceptive as many modelers create use case models that are incorrect, inconsistent, and ambiguous and contain restrictive design decisions. In this paper, a new methodology is described that utilizes antipatterns to detect potentially defective areas in use case models. This paper introduces the tool ARBIUM, which will support the proposed technique and aid analysts to improve the quality of their models. ARBIUM presents a framework that will allow developers to define their own antipatterns using OCL and textual descriptions. The proposed approach and tool are applied to a distributed biodiversity database use case model to demonstrate its feasibility. Our results indicate that they can improve the overall clarity and precision of use case models

A scientific evaluation of the misuse case diagrams visual syntax

ContextMisuse case modeling is a well-known technique in the domain of capturing and specifying functional security requirements. Misuse case modeling provides a mechanism for security analysts to consider and account for security requirements in the early stages of a development process instead of relying on generic defensive mechanisms that are augmented to software systems towards the latter stages of development. ObjectiveMany research contributions in the area of misuse case modeling have been devoted to extending the notation to increase its coverage of additional security related semantics. However, there lacks research that evaluates the perception of misuse case models by its readers. A misread or misinterpreted misuse case model can have dire consequences downstream leading to the development of an insecure system. MethodThis paper presents an assessment of the design of the original misuse case modeling notation based on the Physics of Notations framework. A number of improvements to the notation were suggested. A survey and a controlled experiment were carried out to compare the cognitive effectiveness of the new notation in comparison to the original notation. ResultsThe survey had 55 participants for have mostly indicated that the new notation is more semantically transparent than the original notation. The results of the experiment show that subjects reading diagrams developed using the new notation performed their tasks an average 6min quicker, while in general the subjects performed their tasks in approximately 14.5min. The experimental tasks only required subjects reading diagrams and not creating them. ConclusionThe main finding of this paper is that the use of colors and icons has improved the readability of misuse case diagrams. Software engineering notations are usually black and white. It is expected that the readability of other software notations will improve if they utilize colors and icons.

Developing comprehensive acceptance tests from use cases and robustness diagrams

In agile development processes, the rewards from acceptance testing are maximized by using the practice to drive the development process. Traditionally, User Stories are used in agile projects to describe a system’s usage scenarios and are utilized as a basis for developing acceptance tests. This paper introduces a technique that aims to achieve the benefits of acceptance testing within large-scale development projects that deploy a V-model development process, specifically those that utilize use case models. The approach is based on utilizing a number of artifacts: use case models supported by robustness diagrams and domain models. The feasibility of the proposed approach is demonstrated by applying it to a real-world system—the RestoMapper system. The results show that a comprehensive set of acceptance tests can be developed based upon use case models.

Using security robustness analysis for early-stage validation of functional security requirements

Abstract Security is nowadays an indispensable requirement in software systems. Traditional software engineering processes focus primarily on business requirements, leaving security as an afterthought to be addressed via generic “patched-on” defensive mechanisms. This approach is insufficient, and software systems need to have security functionality engineered within in a similar fashion as ordinary business functional requirements. Functional security requirements need to be elicited, analyzed, specified and validated at the early stages of the development life cycle. If the functional security requirements were not properly validated, then there is a risk of developing a system that is insecure, deeming it unusable. Acceptance testing is an effective technique to validate requirements. However, an ad hoc approach to develop acceptance tests will suffer the omission of important tests. This paper presents a systematic approach to develop executable acceptance tests that is specifically geared for model-based secure software engineering processes. The approach utilizes early-stage artifacts, namely misuse case and domain models, and robustness diagrams. The feasibility of the proposed approach is demonstrated by applying it to a real-world system. The results show that a comprehensive set of security acceptance tests can be developed based upon misuse case models for early-stage validation of functional security requirements.

Towards developing consistent misuse case models

Secure software development should begin at the early stages of the development life cycle. Misuse case modeling is a technique that stems from traditional use case modeling, which facilitates the elicitation and modeling functional security requirements at the requirements phase. Misuse case modeling is an effective vehicle to potentially identify a large subset of these threats. It is therefore crucial to develop high quality misuse case models otherwise end system developed will be vulnerable to security threats. Templates to describe misuse cases are populated with syntax-free natural language content. The inherent ambiguity of syntax-free natural language coupled with the crucial role of misuse case models in development can have a very detrimental effect. This paper proposes a structure that will guide misuse case authors towards developing consistent misuse case models. This paper also presents a process that utilizes this structure to ensure the consistency of misuse case models as they evolve, eliminating potential damages caused by inconsistencies. A tool was developed to provide automation support for the proposed structure and process. The feasibility and application of this approach were demonstrated using two real-world case studies.