research-article

Risk-driven revision of requirements models

Authors:

Axel van Lamsweerde,

Alessandra Russo,

Sebastian UchitelAuthors Info & Claims

ICSE '16: Proceedings of the 38th International Conference on Software Engineering

Pages 855 - 865

https://doi.org/10.1145/2884781.2884838

Published: 14 May 2016 Publication History

Abstract

Requirements incompleteness is often the result of unanticipated adverse conditions which prevent the software and its environment from behaving as expected. These conditions represent risks that can cause severe software failures. The identification and resolution of such risks is therefore a crucial step towards requirements completeness. Obstacle analysis is a goal-driven form of risk analysis that aims at detecting missing conditions that can obstruct goals from being satisfied in a given domain, and resolving them.

This paper proposes an approach for automatically revising goals that may be under-specified or (partially) wrong to resolve obstructions in a given domain. The approach deploys a learning-based revision methodology in which obstructed goals in a goal model are iteratively revised from traces exemplifying obstruction and non-obstruction occurrences. Our revision methodology computes domain-consistent, obstruction-free revisions that are automatically propagated to other goals in the model in order to preserve the correctness of goal models whilst guaranteeing minimal change to the original model. We present the formal foundations of our learning-based approach, and show that it preserves the properties of our formal framework. We validate it against the benchmarking case study of the London Ambulance Service.

References

[1]

D. Alrajeh and R. Craven. Automated error-detection and repair for compositional software specifications. In Proceedings of the 12th International Conference on Software Engineering and Formal Methods, pages 111--127, 2014.

[2]

D. Alrajeh, J. Kramer, A. Russo, and S. Uchitel. Learning operational requirements from goal models. In Proceedings of 31st International Conference on Software Engineering, pages 265--275, 2009.

Digital Library

[3]

D. Alrajeh, J. Kramer, A. Russo, and S. Uchitel. Deriving non-zeno behaviour models from goal models using ILP. Journal on Formal Aspects of Computing, 22:217--241, 2010.

[4]

D. Alrajeh, J. Kramer, A. Russo, and S. Uchitel. Learning from vacuously satisfiable scenario-based specifications. In Proceedings of the 15th International Conference on Fundamental Approaches to Software Engineering, pages 377--393, 2012.

Digital Library

[5]

D. Alrajeh, J. Kramer, A. Russo, and S. Uchitel. Automated support for diagnosis and repair. Communications of the ACM, 58(2):65--72, 2015.

Digital Library

[6]

D. Alrajeh, J. Kramer, A. van Lamsweerde, A. Russo, and S. Uchitel. Generating obstacle conditions for requirements completeness. In Proceedings of the 34th International Conference on Software Engineering, pages 705--715, 2012.

Digital Library

[7]

A. Antón and C. Potts. The use of goals to surface requirements for evolving systems. In Proceedings of the International Conference on Software Engineering, pages 157--166, 1998.

Digital Library

[8]

Y. Asnar, P. Giorgini, and J. Mylopoulos. Goal-driven risk assessment in requirements engineering. Requirements Engineering, 16(2):101--116, 2011.

Digital Library

[9]

D. Athakravi, D. Alrajeh, B. Broda, and A. Russo. Inductive learning using constraint-driven bias. In Proceedings of the 24th International Conference on Inductive Logic Programming, 2014.

[10]

D. Athakravi, D. Corapi, K. Broda, and A. Russo. Learning through hypothesis refinement using answer set programming. In Proceedings of the 23rd International Conference on Inductive Logic Programming, pages 31--46, 2013.

[11]

T. Bedford and R. Cooke. Probabilistic risk analysis: foundations and methods. Cambridge University Press, 2001.

[12]

A. Cailliau and A. van Lamsweerde. Assessing requirements-related risks through probabilistic goals and obstacles. Requirements Engineering, 18(2):129--146, 2013.

Digital Library

[13]

A. Cailliau and A. van Lamsweerde. Integrating exception handling in goal models. In Proceedings of the 22nd International Requirements Engineering Conference, pages 43--52, 2014.

[14]

D. Corapi, A. Russo, and E. Lupu. Inductive logic programming as abductive search. In Technical Communications of the 26th International Conference on Logic Programming, 2010.

[15]

D. Corapi, A. Russo, and E. Lupu. Inductive logic programming in answer set programming. In Proceedings of the 21st International Conference on Inductive Logic Programming, pages 91--97, 2011.

Digital Library

[16]

M. Feather and S. Cornford. Quantitative risk-based requirements reasoning. Requirements Engineering, 8:248--265, 2003.

Digital Library

[17]

A. Finkelstein and J. Dowell. A comedy of errors: The london ambulance service case study. In Proceedings of the 8th International Workshop on Software Specification and Design, pages 2--4, 1996.

Digital Library

[18]

D. Giannakopoulou and J. Magee. Fluent model checking for event-based systems. In Proceedings of the 9th European Software Engineering Conference Held Jointly with 11th ACM SIGSOFT International Symposium on Foundations of Software Engineering, pages 257--266, 2003.

Digital Library

[19]

A. Ingram. What is an electronic handbrake. https://www.carwow.co.uk/blog/Electronic-parking-brake-explained, 2014. {Online; accessed 15-Feb-2016}.

[20]

R. Kowalski and M. Sergot. A logic-based calculus of events. New generation computing, 4(1):67--95, 1986.

Digital Library

[21]

R. Koymans. Specifying Message Passing and Time-Critical Systems with Temporal Logic, volume 651 of (LNCS). Springer, 1992.

Digital Library

[22]

E. Letier, D. Stefan, and E. T. Barr. Uncertainty, risk, and information value in software requirements and architecture. In Proceedings of the 36th International Conference on Software Engineering, pages 883--894, 2014.

Digital Library

[23]

N. Leveson. An approach to designing safe embedded software. In Proceedings of the 2nd International Conference on Embedded Software, pages 15--29, 2002.

Digital Library

[24]

N. G. Leveson. Safeware: System Safety and Computers. ACM, New York, NY, USA, 1995.

[25]

J. Lloyd. Foundations of logic programming. Springer, 1984.

[26]

M. S. Lund, B. Solhaug, and K. Stlen. Model-Driven Risk Analysis: The CORAS Approach. Springer Publishing Company, Incorporated, 1st edition, 2010.

[27]

R. Lutz, A. Patterson-Hine, S. Nelson, C. R. Frost, D. Tal, and R. Harris. Using obstacle analysis to identify contingency requirements on an unpiloted aerial vehicle. Requirements Engineering, 12:41--54, 2006.

Digital Library

[28]

S. Muggleton and F. Marginean. Logic-based artificial intelligence. chapter Logic-based Machine Learning, pages 315--330. Kluwer Academic Publishers, 2000.

Digital Library

[29]

S. Muggleton and L. D. Raedt. Inductive logic programming: Theory and methods. Journal of Logic Programming, 19--20:629--679, 1994.

[30]

C. Potts. Using schematic scenarios to understand user needs. In Proceedings of the 1st conference on Designing interactive systems: processes, practices, methods, & techniques, pages 247--256, 1995.

Digital Library

[31]

M. Sabetzadeh, D. Falessi, L. C. Briand, S. D. Alesio, D. McGeorge, V. Ã &Ecaron;hjem, and J. Borg. Combining goal models, expert elicitation, and probabilistic simulation for qualification of new technology. In Proceedings of the IEEE 13th International Symposium on High-Assurance Systems Engineering, pages 63--72, 2011.

Digital Library

[32]

B. Schneier. Secrets and Lies: Digital Security in a Networked World. Wiley, 2000.

Digital Library

[33]

A. Sutcliffe, N. Maiden, S. Minocha, and D. Manuel. Supporting scenario-based requirements engineering. IEEE Transactions on Software Engineering, 24:1072--1088, 1998.

Digital Library

[34]

C. K. F. Tang and E. Ternovska. Model checking abstract state machines with answer set programming. In Proceedings of the 12th International Conference on Logic for Programming, Artificial Intelligence, and Reasoning, pages 443--458, 2005.

Digital Library

[35]

A. van Lamsweerde. Requirements Engineering: From System Goals to UML Models to Software Specifications. Wiley, 2009.

Digital Library

[36]

A. van Lamsweerde and E. Letier. Handling obstacles in goal-oriented requirement engineering. IEEE Transactions on Software Engineering, 26(10):978--1005, 2000.

Digital Library

[37]

S. Wrobel. First order theory refinement. In L. React, editor, Advances in Inductive Logic Programming, pages 14--33. IOS Press, Amsterdam, 1996.

Cited By

Pei ZLiu LWang CWang J(2022)Requirements Engineering for Machine Learning: A Review and Reflection2022 IEEE 30th International Requirements Engineering Conference Workshops (REW)10.1109/REW56159.2022.00039(166-175)Online publication date: Aug-2022
https://doi.org/10.1109/REW56159.2022.00039
Munante DPerini AKifetew FSusi A(2021)Combining risk and variability modelling for requirements analysis in SAS engineering2021 IEEE 29th International Requirements Engineering Conference (RE)10.1109/RE51729.2021.00044(396-401)Online publication date: Sep-2021
https://doi.org/10.1109/RE51729.2021.00044
Alrajeh DCailliau Avan Lamsweerde ARothermel GBae D(2020)Adapting requirements models to varying environmentsProceedings of the ACM/IEEE 42nd International Conference on Software Engineering10.1145/3377811.3380927(50-61)Online publication date: 27-Jun-2020
https://dl.acm.org/doi/10.1145/3377811.3380927
Show More Cited By

Risk-driven revision of requirements models
1. Software and its engineering
  1. Software creation and management
    1. Designing software

Recommendations

Assessing requirements-related risks through probabilistic goals and obstacles

Requirements completeness is among the most critical and difficult software engineering challenges. Missing requirements often result from poor risk analysis at requirements engineering time. Obstacle analysis is a goal-oriented form of risk analysis ...
A probabilistic framework for goal-oriented risk analysis
RE '12: Proceedings of the 2012 IEEE 20th International Requirements Engineering Conference (RE)

Requirements completeness is among the most critical and difficult software engineering challenges. Missing requirements often result from poor risk analysis at requirements engineering time. Obstacle analysis is a goal-oriented form of risk analysis ...
Runtime monitoring and resolution of probabilistic obstacles to system goals
SEAMS '17: Proceedings of the 12th International Symposium on Software Engineering for Adaptive and Self-Managing Systems

Software systems are deployed in environments that keep changing over time. They should therefore adapt to changing conditions in order to meet their requirements. The satisfaction rate of these requirements depends on the rate at which adverse ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

ICSE '16: Proceedings of the 38th International Conference on Software Engineering

May 2016

1235 pages

ISBN:9781450339001

DOI:10.1145/2884781

General Chair:
Laura Dillon
Michigan State University
,
Program Chairs:
Willem Visser
Stellenbosch University, South Africa
,
Laurie Williams
North Carolina State University

Copyright © 2016 ACM.

© 2016 Association for Computing Machinery. ACM acknowledges that this contribution was authored or co-authored by an employee, contractor or affiliate of a national government. As such, the Government retains a nonexclusive, royalty-free right to publish or reproduce this article, or to allow others to do so, for Government purposes only.

Sponsors

ACM: Association for Computing Machinery
SIGSOFT: ACM Special Interest Group on Software Engineering
IEEE-CS\TCSE: TC on Software Engineering
IEEE-CS\DATC: IEEE Computer Society

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 May 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Alrajeh's Imperial College Junior Research Fellowship award

Conference

ICSE '16

Sponsor:

ACM
SIGSOFT
IEEE-CS\TCSE
IEEE-CS\DATC

ICSE '16: 38th International Conference on Software Engineering

May 14 - 22, 2016

Texas, Austin

Acceptance Rates

Overall Acceptance Rate 276 of 1,856 submissions, 15%

Upcoming Conference

ICSE 2025

2025 IEEE/ACM 46th International Conference on Software Engineering

April 26 - May 3, 2025

Ottawa , ON , Canada

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

8
Total Citations
View Citations
414
Total Downloads

Downloads (Last 12 months)10
Downloads (Last 6 weeks)0

Reflects downloads up to 08 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Pei ZLiu LWang CWang J(2022)Requirements Engineering for Machine Learning: A Review and Reflection2022 IEEE 30th International Requirements Engineering Conference Workshops (REW)10.1109/REW56159.2022.00039(166-175)Online publication date: Aug-2022
https://doi.org/10.1109/REW56159.2022.00039
Munante DPerini AKifetew FSusi A(2021)Combining risk and variability modelling for requirements analysis in SAS engineering2021 IEEE 29th International Requirements Engineering Conference (RE)10.1109/RE51729.2021.00044(396-401)Online publication date: Sep-2021
https://doi.org/10.1109/RE51729.2021.00044
Alrajeh DCailliau Avan Lamsweerde ARothermel GBae D(2020)Adapting requirements models to varying environmentsProceedings of the ACM/IEEE 42nd International Conference on Software Engineering10.1145/3377811.3380927(50-61)Online publication date: 27-Jun-2020
https://dl.acm.org/doi/10.1145/3377811.3380927
Cailliau ALamsweerde A(2019)Runtime Monitoring and Resolution of Probabilistic Obstacles to System GoalsACM Transactions on Autonomous and Adaptive Systems10.1145/333780014:1(1-40)Online publication date: 31-Aug-2019
https://dl.acm.org/doi/10.1145/3337800
Borrion HEkblom PAlrajeh DBorrion AKeane AKoch DMitchener-Nissen TToubaline S(2019)The Problem with Crime Problem-Solving: Towards a Second Generation Pop?The British Journal of Criminology10.1093/bjc/azz029Online publication date: 22-May-2019
https://doi.org/10.1093/bjc/azz029
Gaither D(2018)Improving Software Quality through Syntax and Semantics Verification of Requirements Modelsundefined10.12794/metadc1404542Online publication date: Dec-2018
https://doi.org/10.12794/metadc1404542
Cailliau Avan Lamsweerde AGarlan DNuseibeh B(2017)Runtime monitoring and resolution of probabilistic obstacles to system goalsProceedings of the 12th International Symposium on Software Engineering for Adaptive and Self-Managing Systems10.1109/SEAMS.2017.5(1-11)Online publication date: 20-May-2017
https://dl.acm.org/doi/10.1109/SEAMS.2017.5
Kafali ÖJones JPetruso MWilliams LSingh MUchitel SOrso ARobillard M(2017)How good is a security policy against real breaches?Proceedings of the 39th International Conference on Software Engineering10.1109/ICSE.2017.55(530-540)Online publication date: 20-May-2017
https://dl.acm.org/doi/10.1109/ICSE.2017.55

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten