Capturing, Organizing, and Reusing Knowledge of NFRs: An NFR Pattern Approach

Properly dealing with nonfunctional requirements (NFRs) such as security, cost, and usability, requires a large body of knowledge. However, it is difficult for average requirements engineers to possess necessary knowledge and use it correctly. This paper presents an NFR pattern framework for capturing NFR knowledge using goal, problem, causal attribution, solution/means, and requirements patterns that can be reused to help produce earlyphase and latephase NFR related requirements. The NFR patterns may be organized using generalization, aggregation, and classification relationships. Reusing the patterns is defined in terms of search and apply operations. The approach is illustrated using a running example based on the TJX incident, the largest credit card theft in history, to demonstrate how knowledge of the incident and mitigation techniques from security standards could be captured and used to help understand and prevent such incident.

[1]  Sara Jones,et al.  Generating requirements from systems models using patterns: a case study , 2005, Requirements Engineering.

[2]  Marco Pistore,et al.  The Tropos Methodology , 2004 .

[3]  E. Yu,et al.  Using Non-Functional Requirementsto Systematically Select Among Alternativesin Architectural Design , 1994 .

[4]  Andreas L. Opdahl,et al.  Eliciting security requirements with misuse cases , 2004, Requirements Engineering.

[5]  Maritta Heisel,et al.  Architectural patterns for problem frames , 2005, IEE Proc. Softw..

[6]  Eduardo B. Fernandez,et al.  A pattern language for security models , 2001 .

[7]  Axel van Lamsweerde,et al.  Formal refinement patterns for goal-driven requirements elaboration , 1996, SIGSOFT '96.

[8]  Martin Fowler,et al.  Analysis patterns - reusable object models , 1996, Addison-Wesley series in object-oriented software engineering.

[9]  Helen M. Edwards,et al.  Problem frames: analyzing and structuring software development problems , 2002, Softw. Test. Verification Reliab..

[10]  Albert Y. Zomaya,et al.  Observations on Using Genetic Algorithms for Dynamic Load-Balancing , 2001, IEEE Trans. Parallel Distributed Syst..

[11]  Betty H. C. Cheng,et al.  Requirements patterns for embedded systems , 2002, Proceedings IEEE Joint International Conference on Requirements Engineering.

[12]  Ralph Johnson,et al.  design patterns elements of reusable object oriented software , 2019 .

[13]  John Mylopoulos,et al.  Non-Functional Requirements in Software Engineering , 2000, International Series in Software Engineering.

[14]  David W. Zeitler Introduction to Quality Control , 1994 .

[15]  Daniel Gross,et al.  From Non-Functional Requirements to Design through Patterns , 2001, Requirements Engineering.

[16]  Roger King,et al.  Semantic database modeling: survey, applications, and research issues , 1987, CSUR.

[17]  Sam Supakkul,et al.  Extending Problem Frames to deal with stakeholder problems: An Agent- and Goal-Oriented Approach , 2009, SAC '09.

[18]  Jane Cleland-Huang,et al.  Softgoal Traceability Patterns , 2006, 2006 17th International Symposium on Software Reliability Engineering.

[19]  Alex M. Andrew Satisficing Games and Decision Making: With Applications to Engineering and Computer Science , 2005 .

[20]  Eduardo B. Fernández,et al.  Attack Patterns: A New Forensic and Design Tool , 2007, IFIP Int. Conf. Digital Forensics.

[21]  Thomas P. Moran,et al.  Questions, Options, and Criteria: Elements of Design Space Analysis , 1991, Hum. Comput. Interact..

[22]  Peter Sommerlad,et al.  Security Patterns: Integrating Security and Systems Engineering , 2006 .

[23]  Axel van Lamsweerde,et al.  From system goals to intruder anti-goals: attack generation and resolution for security requirements engineering , 2003 .

[24]  John Mylopoulos,et al.  Organizational Patterns for Early Requirements Analysis , 2003, CAiSE.

[25]  Haim Kilov Business Specifications and RD-ODP , 2000, TOOLS.

[26]  Barbara Paech,et al.  Using Patterns for Sharing Requirements Engineering Process Rationales , 2006 .

[27]  Bashar Nuseibeh,et al.  Security Requirements Engineering: A Framework for Representation and Analysis , 2008, IEEE Transactions on Software Engineering.

[28]  B. J. Ferro Castro,et al.  Pattern-Oriented Software Architecture: A System of Patterns , 2009 .

[29]  Christopher Alexander,et al.  The Timeless Way of Building , 1979 .

[30]  Gerard G. Meszaros,et al.  A pattern language for pattern writing , 1997 .