EventMarB2009
From Requirements Engineering Specialist Group
Past Event
RESG Postgraduate Workshop
Contact Dalal Alrajeh.
Date 9.30am, 6 March 2009
Venue Department of Computing, 180 Queen's Gate, Imperial College London.
Update: Unfortunately, Anthony Finkelstein is no longer able to make this event. But we're lucky to have Dr Emmanuel Letier, also from UCL, take Anthony's place at the last minute.
A great opportunity to discuss your work with RE experts!
Are you PhD student doing research in RE? Would you like to know what experts have to say about your work? Would you like to know what other RE students are doing in their research?
If so, then come and join us at a one-day PhD student workshop held on March 6th at Imperial College London. The workshop is intended to give PhD students presenting on the day a chance to describe their current research before a panel of faculty members, RE experts and other RE students.
We also have invited talks by two leading RE researchers, Dr Emmanuel Letier and Professor Bashar Nuseibeh. The workshop will also provide an opportunity for attending students to interact with other students in the same research area. Students (PhD, Masters) and fellow researchers who may be working or planning to work in RE are encouraged to attend and participate in the discussions.
If you'd like to attend, please contact Dalal Alrajeh or William Heaven.
Schedule
9:30 Invited talk: Dr Emmanuel Letier (UCL)
10.00 Presenter 1: Shamal Faily (Oxford)
- IRIS (Integrating Requirements and Information Security)
10.30 Coffee break
11.00 Presenter 2: Soo Ling Lim (UCL)
- Managing Requirements Change
11.30 Presenter 3: Gilberto Cysneiros Filho (City University)
- Requirements Traceability for Multi-Agent Systems
12.00 Presenter 4: Clive Blackwell (Royal Holloway)
- A Novel Architectural Model Used To Investigate The Insider Threat
12.30 Lunch
14.00 Invited talk: Prof Bashar Nuseibeh (Open University)
14.30 Presenter 5: Ben Jennings (UCL)
- Reputation-based Message Routing: a Flexible Workflow Process
15.00 Presenter 6: Camilo Fitzgerald (UCL)
- Support For Collaborative Elaboration Of Requirements Models
15.30 Coffee break'
16.00 Describe your PhD in 1 minute
16.45 Close
Abstracts
IRIS (Integrating Requirements and Information Security)
Shamal Faily (Oxford)
The failure to design for changes to contexts of operation has been widely reported, with consequences ranging from loss of information through to loss of life. As reports of such failures become more prevalent, there is a growing need to explore the relationship between security and its socio-technical contexts. A better understanding of this relationship could lead to important insights into designing and deploying security solutions that are effective at mitigating risks and appropriate to their context of use.
Recent empirical research on cultural contexts within the NeuroGrid e-Science project found that a myopic view of security engineering, coupled with conflicting perceptions of security by different organisational sub-cultures can lead to a significant source of requirements conflict. This research also highlighted the importance of understanding different roles and responsibilities at play within different contexts. This presentation introduces IRIS (Integrating Requirements and Information Security), a framework for supporting integrated requirements and risk management for variable contexts of operation.
We present a meta-model for integrated Requirements and Risk Management, and compare and contrast this with similar models in the security requirements engineering literature.
With the aid of contemporary case study, we then illustrate a number of features of IRIS. These include an approach for security property sensitive quantitative risk assessment, the use of semi-formal requirements grammar to introduce changes to the context of operation, and the visualisation of requirements and risk management artifacts.
Managing Requirements Change
Soo Ling Lim (UCL)
The requirements of a system continue to change throughout the system lifecycle. Requirements change at different rates. Different types of changes have different effects on the system and are dealt with differently. Existing requirements engineering methodologies organise requirements based on their functionality and not on how likely they change. As a result, stable requirements are mixed with or embedded in volatile ones. This causes stable requirements to obstruct changes to volatile requirements. Requirements management becomes inefficient and error prone when frequent changes occur.
I propose that requirements can be classified into layers that evolve in different timescales. This encourages the separation of requirements based on rate and type of change. As a result, changing the requirements in one layer does not affect the other layers. It is also not obstructed by the other layers. The classification can be used to develop a method to organise requirements for managing future changes.
Requirements Traceability for Multi-Agent Systems
Gilberto Cyneiros Filho (City)
Multi-agent systems have emerged as one of the most important areas of research and development in distributed systems in the 1990s. Multi-agents arise as promising new software paradigm capable to provide solution to the need of applications that requires run in an open, complex, dynamic, and distributed environment. Despite its potential, in practice multi-agent systems is rarely used and it has been widely outpaced by the service-oriented architecture. One key reason for the slow adoption of multi-agents by the industry is the lack of tools to support the development of large-scale multi-agents systems.
Traceability has been recognised as fundamental to support the activity of project management and software maintenance and it can be used to understand the relationships that exist between artefacts created during the software development process and has been used as mechanism to support verification, impact analysis and change management and to understand the evolution of an artefact. The heterogeneity and huge amount of information involved in the development of multi-agent system produce a complex number of relationships that brings up the necessity for automated support for traceability.
We propose a rule-based approach to support automatic generation of traceability relations and completeness checking between the various models generated during the development of multi-agent systems. Our work concentrates on goals and business models represented in i* and design models represented in Prometheus and code in JACK. The rules are represented in an extension of XQuery and the models in XML.
A prototype tool has been developed to assist with evaluation of our work. We also created a traceability model to provide semantics for the different types of relationships in order to support richer analysis about the relationships.
A Novel Architectural Model used to Investigate the Insider Threat
Clive Blackwell (Royal Holloway)
The insider threat poses a significant and increasing problem for organisations. This is shown by the regular stories of data loss in the media such as the 25 million personal records mailed out on 2 CDs by Revenue and Customs in the UK. There is a need to provide a complete and consistent defence from insider attacks because their legitimate access and knowledge of weaknesses means that no single protection mechanism will be sufficient.
We have developed a three-layer architectural model to examine the security of complex systems holistically. Our model covers physical and social level attacks as well as computer and network incidents along with the corresponding defensive mechanisms.
Organisations have positive functional goals that are needed to fulfil their mission and make money that we consider conceptually at the social layer. The security requirements are only necessary to the extent that they efficiently and effectively support the organisational goals in the presence of malicious attack. The security controls are usually lower-layer mechanisms that provide the confidentiality, integrity and availability of system resources. Our model gives visibility and traceability to the organisational requirements at the social layer by mapping them to their implementation and possible abuse at lower levels.
The model is used to determine typical scenarios in the main types of insider attack that cause damage, fraud and theft. We examine the different stages of attack that enables systematic defensive protection by limiting access, constraining the use of the target and limiting the impact of successful attacks. The possible goals of attackers and how to reduce their motivation by persuasion or deterrence are also considered. We show destructive attacks within a systematic tabular classification along with their corresponding defences, which allows the prioritised selection of defensive controls in line with business need.
Our practical architecture appears to have widespread application in other complex systems, as it allows the analysis of systems in their entirety including human and physical factors, not just as technical systems alone. It has already been used to investigate the electricity grid, part of the critical infrastructure, with its widespread scope and weaknesses at all layers to help ensure it meets its vital requirements such as meeting energy demand. It has application to complex financial systems such as banking networks where weak procedural and physical controls are usually exploited rather than the technical controls such as cryptography.
We are formalising the model with a new process calculus called bigraphs that represents both the physical and logical aspects of systems. We take existing structural and behavioural models in UML, or diagrammatic representations in our architectural model and semi-automatically translate them to bigraphs that are then executed to find exploitable weaknesses that breach organisational requirements.
Reputation-based Message Routing: a Flexible Workflow Process
Ben Jennings (UCL)
The integration of human agents within workflows is one fraught with subtle complexity. Such complexity is due to the very nature of human agents, one of unpredictability. When considering flexible workflows, a factor of which may be unanticipated deviations, utilising human agents in such processes has desirable characteristics as more flexible outcomes are possible.
Contemporary solutions in the Service Oriented Architecture (SOA) space have looked to fit human agents into top down generated, hierarchical abstracted generalised web services. In flexible expertise driven domains with evolutionary business processes, SOA abstractions fail to capture the nuance of human expertise and human interaction. This talk will present a bottom up approach, via a Reputation based mechanism, to find the most appropriate human agent, or data object, for the flexible workflow.
Support for Collaborative Elaboration of Requirements Models
Camilo Fitzgerald (UCL)
Collaborative environments are particularly well suited to many software development projects, as Mozilla’s Firefox and Ubuntu have shown. Almost no work has been done, however, to make use of these environments to aid those working within them with requirements development and management.
Case studies on the Firefox and OpenOffice projects have unveiled key problems with requirements management in collaborative environments that need to be addressed. One such problem is that of agreeing on a requirements model when multiple actors are involved in discussions. Currently, requirements are developed through free-for-all discussions in Issue Tickets, which are often pathological, unproductive and can take a long time to reach conclusion. Requirements models are subsequently constructed, which are then frequently subject to same form of discussions.
A solution to this problem would aid those working on requirements in collaborative environments to hold arguments that are more constructive, and lead to preferable solutions in a shorter amount of time. It is therefore proposed that support is given for the collaborative elaboration of requirements by allowing users to annotate goal-models in tandem with their arguments, and notifying them of the subsequent actions available to them that are likely to make discussions progress.
This will provide a significant contribution to an area largely missing from the requirements literature. Almost no work has been done to support the process of developing requirements models in a multi-party collaborative environment. The provision of techniques that guide multiple users’ moves in creating and arguing about elements of goal models would fit this niche, and be of great benefit to those working with requirements in all kinds of collaborative software development environments.