Risk-driven Engineering of Requirements for Dependable Systems

Engineering the right software requirements under the right environment assumptions is a critical precondition for developing the right software. Requirements completeness, in particular, is known to be among the most critical and difficult software engineering challenges. Missing requirements often result from poor risk analysis at requirements engineering time. A natural inclination to conceive over-ideal systems prevents adverse conditions from being properly identified and, when likely and critical, resolved through adequate countermeasure requirements. The paper gives an overview of a model-based approach for integrating risk analysis into requirements engineering. The approach is aimed at anticipating exceptional conditions in which the target system should behave adequately. In a goal-oriented modeling framework, obstacles are introduced as preconditions for the non-satisfaction of system goals. Following the identify-assess-control cycle of risk analysis, the paper reviews a variety of formal techniques available for generating obstacles, for assessing their likelihood and the severity of their consequences, and for resolving them through countermeasures whose integration into the system model results in increased requirements completeness.
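The identify-assess-control cycle over a small goal model, as an added illustration that is not code from the paper: obstacles obstruct leaf goals, criticality is estimated as likelihood times severity, a goal's estimated degree of satisfaction is propagated up AND/OR refinements, and resolving a critical obstacle means adding a countermeasure requirement that leaves a residual likelihood. The independence of obstacles, the satisfaction formula, the class and function names, and the ambulance-dispatching goals and figures are all assumptions constructed for this example.

```python
from __future__ import annotations
import math
from dataclasses import dataclass, field

@dataclass
class Obstacle:
    name: str
    likelihood: float            # estimated probability that the obstacle occurs
    severity: float              # fraction of the obstructed goal's value lost when it occurs (0..1)
    countermeasure: str | None = None
    residual: float = 0.0        # likelihood that remains once the countermeasure is in place

    def effective_likelihood(self) -> float:
        return self.residual if self.countermeasure else self.likelihood

    def risk(self) -> float:     # assess step: criticality = likelihood x severity
        return self.effective_likelihood() * self.severity

@dataclass
class Goal:
    name: str
    refinement: str = "AND"      # subgoals combine by AND (all needed) or OR (alternatives)
    subgoals: list[Goal] = field(default_factory=list)
    obstacles: list[Obstacle] = field(default_factory=list)

    def satisfaction(self) -> float:
        """Estimated degree of satisfaction; assumes obstacles occur independently."""
        if not self.subgoals:    # leaf: each obstacle that occurs removes its severity share
            return math.prod(1.0 - o.risk() for o in self.obstacles)
        ps = [g.satisfaction() for g in self.subgoals]
        return math.prod(ps) if self.refinement == "AND" else 1.0 - math.prod(1.0 - p for p in ps)

    def all_obstacles(self) -> list[Obstacle]:
        return self.obstacles + [o for g in self.subgoals for o in g.all_obstacles()]

def critical_obstacles(goal: Goal, tolerated_risk: float) -> list[Obstacle]:
    # identify step: obstacles whose criticality exceeds what the goal tolerates
    return [o for o in goal.all_obstacles() if o.risk() >= tolerated_risk]

def resolve(o: Obstacle, countermeasure: str, residual: float) -> None:
    # control step: add a countermeasure requirement; the obstacle keeps a residual likelihood
    o.countermeasure, o.residual = countermeasure, residual

def build_example() -> Goal:
    # Constructed ambulance-dispatching fragment; all figures are illustrative, not from the paper.
    reported = Goal("IncidentLocationReportedAccurately",
                    obstacles=[Obstacle("LocationMisreportedByCaller", 0.10, 0.8)])
    allocated = Goal("NearestAmbulanceAllocated",
                     obstacles=[Obstacle("AmbulancePositionUnknown", 0.05, 0.6)])
    return Goal("AmbulanceDispatchedOnTime", "AND", [reported, allocated])
```

With these constructed figures the root goal's estimated satisfaction is 0.8924 before resolution; only the caller-misreport obstacle exceeds a tolerated risk of 0.05, and resolving it with a residual likelihood of 0.02 raises the root to about 0.9545.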
