Thorsten Weyer

Guiding requirements engineering for software-intensive embedded systems in the automotive industry

Over the past decade, a dramatic increase of functionality, quantity, size, and complexity of software-intensive embedded systems in the automotive industry can be observed. In particular, the growing complexity drives current requirements engineering practices to the limits. In close cooperation between partners from industry and academia, the recently completed REMsES (Requirements Engineering and Management for software-intensive Embedded Systems) project has developed a guideline to support requirements engineering processes in the automotive industry. The guideline enables the requirements engineers to cope with the challenges that arise due to quantity, size and complexity of software-intensive systems. This article presents the major results of the project, namely, the fundamental principles of the approach, the guideline itself, the tool support, and the major findings obtained during the evaluation of the approach.

Trustworthiness Attributes and Metrics for Engineering Trusted Internet-Based Software Systems

Trustworthiness of Internet-based software systems, apps, services and platform is a key success factor for their use and acceptance by organizations and end-users. The notion of trustworthiness, though, is subject to individual interpretation and preference, e.g., organizations require confidence about how their business critical data is handled whereas end-users may be more concerned about usability. As one main contribution, we present an extensive list of software quality attributes that contribute to trustworthiness. Those software quality attributes have been identified by a systematic review of the research literature and by analyzing two real-world use cases. As a second contribution, we sketch an approach for systematically deriving metrics to measure the trustworthiness of software system. Our work thereby contributes to better understanding which software quality attributes should be considered and assured when engineering trustworthy Internet-based software systems.

Introduction to the SPES Modeling Framework

The aim of model-based development is to use models as main development artifacts in all phases of the development process.

Detecting and Correcting Outdated Requirements in Function-Centered Engineering of Embedded Systems

[Context and Motivation] In function-centered engineering of embedded systems, changes of stakeholder intentions are often directly incorporated in the functional design without updating the behavioral requirements accordingly. [Question/Problem] As a consequence, it is likely that the behavioral requirements of the system become outdated over the course of the engineering process. [Principal Ideas/Results] We propose a validation technique that aids the requirements engineer in detecting and correcting outdated behavioral requirements. The approach relies on a dedicated review model that represents a consolidated view of behavioral requirements and functional design. [Contributions] This paper reports on a semi-automated approach and presents first experimental results showing that our technique can significantly aid the requirements engineer in the detection and correction of outdated behavioral requirements.

Maintaining trustworthiness of socio-technical systems at run-time

Trustworthiness of dynamical and distributed socio-technical systems is a key factor for the success and wide adoption of these systems in digital businesses. Different trustworthiness attributes should be identified and accounted for when such systems are built, and in order to maintain their overall trustworthiness they should be monitored during run-time. Trustworthiness monitoring is a critical task which enables providers to significantly improve the systems’ overall acceptance. However, trustworthiness characteristics are poorly monitored, diagnosed and assessed by existing methods and technologies. In this paper, we address this problem and provide support for semi-automatic trustworthiness maintenance. We propose a trustworthiness maintenance framework for monitoring and managing the system’s trustworthiness properties in order to preserve the overall established trust during run-time. The framework provides an ontology for run-time trustworthiness maintenance, and respective business processes for identifying threats and enacting control decisions to mitigate these threats. We also present use cases and an architecture for developing trustworthiness maintenance systems that support system providers.

The impact of students' skills and experiences on empirical results: a controlled experiment with undergraduate and graduate students

In empirical software engineering research, graduate students are often seen as legitimate substitutes for industry professionals. It has been also argued in the literature that the generalizability of empirical results from experiments with undergraduate students as participants holds to a much lower extent. In this paper, we report on a controlled experiment conducted separately with graduate students and undergraduate students in order to gain deeper insights whether the results from experiments with graduates and undergraduates in the software engineering field are equal or significantly different with respect to the conclusions that can be drawn. During the experiment, the students apply a specific validation technique for behavioral requirements of embedded software. We observed that graduates were significantly more effective, efficient, and confident in their tasks than the undergraduates. Nevertheless, the experiment with undergraduates also shows significant results, even though with a smaller effect size.

Validating the functional design of embedded systems against stakeholder intentions

In the embedded systems industry, function-centered engineering is commonly applied to address the increasing number and complexity of system functions. During function-centered engineering, the functional design that is created based on the defined requirements for the system is the main artifact that serves as a basis for subsequent development activities. If stakeholder intentions change and modifications become necessary, they are frequently incorporated directly into the functional design without updating the behavioral requirements accordingly. As a consequence, the correctness of the interplay of system functions as defined in the functional design cannot be assessed by checking it against the defined requirements (since they are outdated) but needs to be checked against the current stakeholder intentions. More precisely, the requirements engineer has to validate the functional design against the stakeholder intentions because he is the expert concerning the stakeholder intentions and can communicate with the stakeholders regarding them, if necessary. However, the requirements engineer is typically not familiar with the functional design and its notation on the one hand, and, on the other hand, the overall behavior of the system is spread across various diagrams in the functional design. Therefore, the requirements engineer needs a more abstract and consolidated view of the functional design in order to be able to validate its correctness with regard to the current stakeholder intentions. In this paper, we present an approach which is based on a specific kind of review model that is automatically generated from the functional design and supports the requirements engineer in her task. The approach that is presented in this paper is subject of ongoing research.

A Framework for Combining Problem Frames and Goal Models to Support Context Analysis during Requirements Engineering

Quality requirements, like security requirements, are difficult to elicit, especially if they cross multiple domains. Understanding these domains is an important issue in the requirements engineering process for the corresponding systems. Well-known requirements engineering approaches, such as goal-oriented techniques provide a good starting point in capturing security requirements in the form of soft-goals in the early stage of the software engineering process. However, such approaches are not sufficient for context and problem analysis. On the other hand, the context and problem modeling approaches like e.g., problem frames, do not address the system goals. Integrating the relevant context knowledge into goal models is a promising approach to address the mutual limitations. In this paper, we propose a framework for combining goal models and problem frames. The framework makes it possible to document the goals of the system together with the corresponding knowledge of the system’s context. Furthermore, it supports the process of refining (soft-) goals right up to the elicitation of corresponding security requirements. To show the applicability of our approach, we illustrate its application on a real-life case study concerning Smart Grids.

Bridging the Gap between Systems and Software Engineering by Using the SPES Modeling Framework as a General Systems Engineering Philosophy

A multitude of disciplines is involved in the engineering of embedded systems. One major challenge of engineering these systems is to consider the synchronization between different engineering disciplines on the process and artifact level in a coherent manner. Process standards address this challenge by defining a transition between the involved activities of the disciplines but they do not provide sufficient support with respect to the corresponding artifacts and their relationships. The missing artifact-oriented integration of the engineering disciplines (e.g. electrical engineering, software engineering, and mechanical engineering) within the systems engineering process leads to error-prone and cost-intensive synchronizations. In recent years, we participate in a consortium of more than twenty partners from academia and industry that jointly developed the SPES (Software Platform Embedded Systems) Modeling Framework (SPES MF) to support a seamless artifact-based engineering of software for embedded systems. In this paper, we present an approach that fosters the close integration of systems engineering and software engineering activities based on ISO/IEC 15288 and ISO/IEC 12207, by using the core concepts of the SPES MF as a general engineering philosophy for the architectural design of embedded systems.

Trustworthy Software Development

This paper presents an overview on how existing development methodologies and practices support the creation of trustworthy software. Trustworthy software is key for a successful and trusted usage of software, specifically in the Cloud. To better understand what trustworthy software applications actually mean, the concepts of trustworthiness and trust are defined and put in contrast to each other. Furthermore, we identify attributes of software applications that support trustworthiness. Based on this groundwork, some well-known software development methodologies and best practices are analyzed with respect on how they support the systematic engineering of trustworthy software. Finally, the state of the art is discussed in a qualitative way, and an outlook on necessary research efforts and technological innovations is given.