Using Semantic Web Technology in Requirements Specifications

Kroha, Petr, Labra Gayo, José Emilio

05 November 2008

In this report, we investigate how the methods developed for using in Semantic Web technology could be used in capturing, modeling, developing, checking, and validating of requirements specifications. Requirements specification is a complex and time-consuming process. The goal is to describe exactly what the user wants and needs before the next phase of the software development cycle will be started. Any failure and mistake in requirements specification is very expensive because it causes the development of software parts that are not compatible with the real needs of the user and must be reworked later. When the analysis phase of a project starts, analysts have to discuss the problem to be solved with the customer (users, domain experts) and then write the requirements found in form of a textual description. This is a form the customer can understand. However, any textual description of requirements can be (and usually is) incorrect, incomplete, ambiguous, and inconsistent. Later on, the analyst specifies a UML model based on the requirements description written by himself before. However, users and domain experts cannot validate the UML model as most of them do not understand (semi-)formal languages such as UML. It is well-known that the most expensive failures in software projects have their roots in requirements specifications. Misunderstanding between analysts, experts, users, and customers (stakeholders) is very common and brings projects over budget. The goal of this investigation is to do some (at least partial) checking and validation of the UML model using a predefined domain-specific ontology in OWL, and to process some checking using the assertions in descriptive logic. As we described in our previous papers, we have implemented a tool obtaining a modul (a computer linguistic component) that can generate a text of requirements description using information from UML models, so that the stakeholders can read it and decide whether the analyst's understanding is right or how different it is from their own one. We argue that the feedback caused by the UML model checking (by ontologies and OWL DL reasoning) can have an important impact on the quality of the outgoing requirements. This report contains a description and explanation of methods developed and used in Semantic Web Technology and a proposed concept for their use in requirements specification. It has been written during my sabbatical in Oviedo and it should serve as a starting point for theses of our students who will implement ideas described here and run some experiments concerning the efficiency of the proposed method.

ddc:004

Anforderungsdefinition

OWL <Informatik>

Requirements engineering

Semantic Web

Software Engineering

UML

Using structured analysis and design technique (SADT) for simulation conceptual modelling

Ahmed, Fahim

January 2016

Conceptual Modelling (CM) has received little attention in the area of Modelling and Simulation (M&S) and more specifically in Discrete Event Simulation (DES). It is widely agreed that CM is least understood despite its importance. This is however, not the case in other fields of science and engineering (especially, computer science, systems engineering and software engineering). In Computer Science (CS) alone, CM has been extensively used for requirements specification and some well-established methods are in practice. The aim of the thesis is to propose a CM framework based on the principles of software engineering and CS. The development of the framework is adapted from a well-known software engineering method called Structured Analysis and Design Technique (SADT), hence it is called SADT CM. It is argued that by adapting approaches from CS, similar benefits can be achieved in terms of formality, understanding, communication and quality. A comprehensive cross-disciplinary review of CM in CS and M&S is undertaken, which highlights the dearth of standards within M&S CM when compared to CS. Three important sub-fields of CS are considered for this purpose namely, information systems, databases and software engineering. The review identifies two potential methods that could be adopted for developing a M&S CM framework. The first method called PREView was found unsuitable for M&S CM in DES domain. Hence, the thesis concentrates on developing the framework based on SADT. The SADT CM framework is evaluated on three-in depth test cases that investigate the feasibility of the approach. The study also contributes to the literature by conducting a usability test of the CM framework in an experimental setting. A comprehensive user-guide has also been developed as part of the research for users to follow the framework.

620.001

Využití workshopů při analýze požadavků softwarového projektu / Use of workshops during requirements analysis for software projects

Pacourek, Kryštof

January 2013

This thesis reacts to the still poorly mastered area of requirements analysis in the development of software, which shows that incorrectly defined requirements are one of the major causes of failure of software projects. The thesis deals with the techniques for gathering requirements, for example the use of requirements workshops as an approach, where a number of various stakeholders under the guidance of a facilitator create a defined output and collectively shape the requirements for SW. Organizing similar workshops is an intensive activity in which it is necessary to consider many aspects; these are discussed in the theoretical part of the thesis. The practical outcome of this work is a methodological framework purposed as a guideline for organizing a specific workshop focused on understanding the problem areas and solutions, identifying stakeholders and the scope of the project, where the problem is viewed from the perspective of the overall context and detachment, which is essential in the early stages of the software project. The workshop was designed and implemented during a university course Software Project and adapted the MMSP methodology, which is used in the course.

Towards systematic requirements reuse

Naish, James Alexander

January 2014

Reuse has often been claimed in the software engineering literature to improve thequality and reduce the cost of software. Motivated by the idea that these gains canbe multiplied if reuse can be achieved earlier in the software life-cycle, a subset ofthe requirements engineering literature has focused, since the inception of the field,on investigating approaches to reuse at the requirements level. A wide array of differentapproaches now exist within this space. However, these approaches offer varyingdegrees of generality and utility. Generality is important because it enables a requirementsengineer to utilise the same reuse library across multiple projects. Utility isimportant because it is a measure of the extent to which effort is reduced by utilising areuse approach. This thesis presents Reuse-Oriented Requirements Engineering (RORE): a systematicframework to support the production of requirements models by reuse. RORE aimsto improve on existing requirements-reuse approaches in respect of the generalityutilitytrade-off. RORE seeks to do this by bringing together the strengths of two existingrequirements-level reuse approaches: The Domain Theory and Problem-OrientedSoftware Engineering (POSE - a refinement of Jackson’s Problem Frames Approach).This thesis evaluates RORE with respect to both generality and utility, and comparesRORE against both frameworks. The major conclusion of the thesis is that while ROREimproves on each framework in respect of some, but not all, evaluation metrics, ROREdoes succeed in offering a level of generality which compares favourably to existinghighly general approaches, and without significantly reducing the utility of the approach.

005.1

An interpretive case study into the application of software engineering theory

Odendaal, Maria Elizabeth

22 June 2012

Even before software engineering was formally defined as a discipline, software projects were notorious for being behind schedule and over budget. The resulting software systems were also often described as unreliable. Researchers in the field have, over the years, theorised and proposed many standards, methods, processes and techniques to improve software project outcomes. Based on allegorical evidence, however, it would seem that these proposals are often not applied in practice. This study was inspired by a desire to probe this general theme, namely of the extent to which (if at all) software engineering theory is adopted in practice. The core of this research is an interpretive case study of a software project in the financial services industry that ran from end 2006 to mid 2008. I was one of a team of approximately 20 developers, analysts and development managers working on the project, until I left the company in 2009. Results are reported in a two-phase fashion over several themes. Firstly, the literature of recommended software engineering practices relating to a particular theme is reviewed. This is regarded as the "theory". Thereafter, the observations and evidence collected from the interpretive study in regard to the relevant theme is presented and discussed. The first theme investigated is the notion of "project outcome". Definitions of successful and failed software projects are considered from the perspective of the various stakeholders. Also considered are factors that contribute to project success or failure. After examining how case study participants viewed the project’s outcome, it is argued that the project could neither be labelled as a complete success nor as a complete failure. Two areas were identified as problematic: the requirements gathering process; and the system architecture that had been chosen. Improvements in these areas would arguably have most benefitted the project’s outcome. For this reason, recommended practices were probed in the literature relating both to requirements engineering and also to software architecture design. The case study project was then evaluated against these recommended practices to determine the degree to which they were implemented. In cases where the recommended practices were not implemented or only partially implemented, a number of reasons for the lack of adoption are considered. Of course, the conclusions made in this study as to why the recommended practices were not implemented cannot be naïvely generalized to the software engineering field as a whole. Instead, in line with the interpretive nature of the study, an attempt was made to gain in depth knowledge of a particular project, to show how that project’s individual characteristics influenced the adoption of software engineering theory, and to probe the consequences of such adoption or lack thereof. The study suggested that the complex and individual nature of software projects will have a substantial influence on the extent to which theory is adopted in practice. It also suggested that the impact such adoption will have on a project’s outcome will be critically influenced by the nature of the software project. Copyright / Dissertation (MSc)--University of Pretoria, 2012. / Computer Science / unrestricted

Software engineering

Software crises

Project outcome

Requirements engineering

Software architecture

Interpretive research

UCTD

Requirements Elicitation for the User Experience in Troubleshooting and Debugging of Microservice Networks : A Study of how Visualization of Call Paths can be Utilized in a Software Tool / Kravställning av användarupplevelsen vid felsökning och debugging av nätverk med mikrotjänster

Sestorp, Isak

January 2020

No description available.

Microservice

Troubleshooting

Debugging

Requirements engineering

Prototyping

User experience

Usability

Human Computer Interaction

Improving Software Quality through Syntax and Semantics Verification of Requirements Models

Gaither, Danielle

12 1900

Software defects can frequently be traced to poorly-specified requirements. Many software teams manage their requirements using tools such as checklists and databases, which lack a formal semantic mapping to system behavior. Such a mapping can be especially helpful for safety-critical systems. Another limitation of many requirements analysis methods is that much of the analysis must still be done manually. We propose techniques that automate portions of the requirements analysis process, as well as clarify the syntax and semantics of requirements models using a variety of methods, including machine learning tools and our own tool, VeriCCM. The machine learning tools used help us identify potential model elements and verify their correctness. VeriCCM, a formalized extension of the causal component model (CCM), uses formal methods to ensure that requirements are well-formed, as well as providing the beginnings of a full formal semantics. We also explore the use of statecharts to identify potential abnormal behaviors from a given set of requirements. At each stage, we perform empirical studies to evaluate the effectiveness of our proposed approaches.

requirements analysis

formal methods

software engineering

Computer Science

Requirements engineering -- Automation.

Computer programs -- Verification.

Semantics -- Methodology.

Multivariate Time-Series Data Requirements in Deep Learning Models

Challa, Harshitha

01 October 2021

No description available.

Computer Science

Metamorphic testing

Combined Sewer Overflow

Time-series

Requirements Engineering

Recurrent neural networks

Data Quality

Interactive Prioritization of Software Requirements using the Z3 SMT Solver / Interaktiv prioritering av mjukvarukrav med hjälp av SMT-lösaren Z3

Winton, Jonathan

January 2021

Prioritization of software requirements is an important part of the requirements engineering process within the industry of software development. There are many different methods for achieving the most optimal order of software requirements, a list that shows in what order the requirements should be implemented. This degree project utilizes the SMT-based solver Z3 for an interactive prioritization algorithm. Previous studies have shown good results with another SMT-based solver called Yices. With the newer Z3 from Microsoft, the results have been improved further, and the tool is based on Python, and the framework for Z3 is called Z3PY. Experiments have been conducted on a set of different software requirements derived from a project in the healthcare industry and show that the Z3 solution is, in general, improving the requirements prioritization compared to other mentioned solutions in the study that has been tested on the same set of requirements. Results show that the Z3 solution outperformed the other SMT-based solution Yices by 2-4% regarding disagreement and by 3% regarding average distance. The results are significantly improved based on an ANOVA test with a p-value &lt;= 0.05.

Software requirements prioritization

Requirements engineering

Z3

SMT-solvers

Satisfiability Modulo Theories

Computer Sciences

Datavetenskap (datalogi)

AMAN-DA : une approche basée sur la réutilisation de la connaissance pour l’ingénierie des exigences de sécurité / A knowledge reuse based approach to the domain specific security requirements engineering

Souag, Amina

13 November 2015

Au cours de ces dernières années, la sécurité des Systèmes d'Information (SI) est devenue une préoccupation importante, qui doit être prise en compte dans toutes les phases du développement du SI, y compris dans la phase initiale de l'ingénierie des exigences (IE). Prendre en considération la sécurité durant les premières phases du développement des SI permet aux développeurs d'envisager les menaces, leurs conséquences et les contre-mesures avant qu'un système soit mis en place. Les exigences de sécurité sont connues pour être "les plus difficiles des types d’exigences", et potentiellement celles qui causent le plus de risque si elles ne sont pas correctes. De plus, les ingénieurs en exigences ne sont pas principalement intéressés à, ou formés sur la sécurité. Leur connaissance tacite de la sécurité et leur connaissance primitive sur le domaine pour lequel ils élucident des exigences de sécurité rendent les exigences de sécurité résultantes pauvres et trop génériques. Cette thèse explore l'approche de l’élucidation des exigences fondée sur la réutilisation de connaissances explicites. Tout d'abord, la thèse propose une étude cartographique systématique et exhaustive de la littérature sur la réutilisation des connaissances dans l'ingénierie des exigences de sécurité identifiant les différentes formes de connaissances. Suivi par un examen et une classification des ontologies de sécurité comme étant la principale forme de réutilisation. Dans la deuxième partie, AMAN-DA est présentée. AMAN-DA est la méthode développée dans cette thèse. Elle permet l’élucidation des exigences de sécurité d'un système d'information spécifique à un domaine particulier en réutilisant des connaissances encapsulées dans des ontologies de domaine et de sécurité. En outre, la thèse présente les différents éléments d'AMAN-DA : (I) une ontologie de sécurité noyau, (II) une ontologie de domaine multi-niveau, (iii) des modèles syntaxique de buts et d’exigences de sécurité, (IV) un ensemble de règles et de mécanismes nécessaires d'explorer et de réutiliser la connaissance encapsulée dans les ontologies et de produire des spécifications d’exigences de sécurité. La dernière partie rapporte l'évaluation de la méthode. AMAN-DA a été implémenté dans un prototype d'outil. Sa faisabilité a été évaluée et appliquée dans les études de cas de trois domaines différents (maritimes, applications web, et de vente). La facilité d'utilisation et l’utilisabilité de la méthode et de son outil ont également été évaluées dans une expérience contrôlée. L'expérience a révélé que la méthode est bénéfique pour l’élucidation des exigences de sécurité spécifiques aux domaines, et l'outil convivial et facile à utiliser. / In recent years, security in Information Systems (IS) has become an important issue that needs to be taken into account in all stages of IS development, including the early phase of Requirement Engineering (RE). Considering security during early stages of IS development allows IS developers to envisage threats, their consequences and countermeasures before a system is in place. Security requirements are known to be “the most difficult of requirements types”, and potentially the ones causing the greatest risk if they are not correct. Moreover, requirements engineers are not primarily interested in, or knowledgeable about, security. Their tacit knowledge about security and their primitive knowledge about the domain for which they elicit security requirements make the resulting security requirements poor and too generic. This thesis explores the approach of eliciting requirements based on the reuse of explicit knowledge. First, the thesis proposes an extensive systematic mapping study of the literature on the reuse of knowledge in security requirements engineering identifying the different knowledge forms. This is followed by a review and classification of security ontologies as the main reuse form. In the second part, AMAN-DA is presented. AMAN-DA is the method developed in this thesis. It allows the elicitation of domain-specific security requirements of an information system by reusing knowledge encapsulated in domain and security ontologies. Besides that, the thesis presents the different elements of AMANDA: (I) a core security ontology, (II) a multi-level domain ontology, (III) security goals and requirements’ syntactic models, (IV) a set of rules and mechanisms necessary to explore and reuse the encapsulated knowledge of the ontologies and produce security requirements specifications. The last part reports the evaluation of the method. AMAN-DA was implemented in a prototype tool. Its feasibility was evaluated and applied in case studies of three different domains (maritime, web applications, and sales). The ease of use and the usability of the method and its tool were also evaluated in a controlled experiment. The experiment revealed that the method is beneficial for the elicitation of domain specific security requirements, and that the tool is friendly and easy to use.

Exigences de sécurité

Ontologies

Élicitation

Ingénierie des exigences

Secrutity requirements

Ontologies

Elicitation

Requirements engineering

004