Comparing Three Formal Analysis Approaches of the Tropos Family

Tropos is a software development methodology founded on concepts used to model early requirements, the i* framework. In addition to a methodological framework, research addresses also formal analysis support. In previous work, we proposed the prototype environment SNet based on the Trust-Confidence-Distrust (TCD) approach for the representation and dynamic evaluation of agent-based designs for inter-organizational networks. There are two major ingredients: i* for modeling the domain statically and ConGolog for analysing it dynamically via simulations. In this paper, we compare our approach with two other approaches that enrich i*/Tropos models to allow for more formal analyses, Formal Tropos and Secure Tropos. While the intended use of these is quite different from SNet, there are a number of commonalities, which will be highlighted as well as the differences that suggest a combined use, including complementary forms of analysis such as model checking versus simulation.

[1]  J. McCarthy Situations, Actions, and Causal Laws , 1963 .

[2]  Stefanie Kethers,et al.  Modelling Trust Relationships in a Healthcare Network: Experiences with the TCD Framework , 2005, ECIS.

[3]  John Mylopoulos,et al.  Modeling Social and Individual Trust in Requirements Engineering Methodologies , 2005, iTrust.

[4]  John Mylopoulos,et al.  Modeling security requirements through ownership, permission and delegation , 2005, 13th IEEE International Conference on Requirements Engineering (RE'05).

[5]  John Mylopoulos,et al.  Specifying and analyzing early requirements in Tropos , 2004, Requirements Engineering.

[6]  John Mylopoulos,et al.  Requirements Engineering Meets Trust Management: Model, Methodology, and Reasoning , 2004, iTrust.

[7]  Amir Pnueli,et al.  The temporal logic of programs , 1977, 18th Annual Symposium on Foundations of Computer Science (sfcs 1977).

[8]  Gerhard Lakemeyer,et al.  SNet Reloaded: Roles, Monitoring and Agent Evolution , 2004, AOIS.

[9]  Gerhard Lakemeyer,et al.  Continuous requirements management for organisation networks: a (dis)trust-based approach , 2003, Requirements Engineering.

[10]  John Mylopoulos,et al.  Towards requirements-driven information systems engineering: the Tropos project , 2002, Inf. Syst..

[11]  Raymond Reiter,et al.  Knowledge in Action: Logical Foundations for Specifying and Implementing Dynamical Systems , 2001 .

[12]  Gerhard Lakemeyer,et al.  Deliberation in a metadata-based modeling and simulation environment for inter-organizational networks , 2005, Inf. Syst..

[13]  Marvin Minsky,et al.  Semantic Information Processing , 1968 .

[14]  John Mylopoulos,et al.  Designing Security Requirements Models Through Planning , 2006, CAiSE.

[15]  Yao-Hua Tan,et al.  Trust and Deception in Virtual Societies , 2001, Springer Netherlands.

[16]  Terry Winograd,et al.  Understanding computers and cognition - a new foundation for design , 1987 .

[17]  Michael Winikoff,et al.  Agent-oriented Information Systems IV , 2008 .

[18]  M. Jarke,et al.  Requirements modeling for organization networks: a (dis)trust-based approach , 2001, Proceedings Fifth IEEE International Symposium on Requirements Engineering.

[19]  Matthias Jarke,et al.  ConceptBase — A deductive object base for meta data management , 1995, Journal of Intelligent Information Systems.

[20]  Marco Pistore,et al.  NuSMV 2: An OpenSource Tool for Symbolic Model Checking , 2002, CAV.

[21]  Yves Lespérance,et al.  Agent-Oriented Requirements Engineering Using ConGolog and i* , 2001 .

[22]  Thomas Schael,et al.  Workflow Management Systems for Process Organisations , 1998, Lecture Notes in Computer Science.

[23]  Hector J. Levesque,et al.  ConGolog, a concurrent programming language based on the situation calculus , 2000, Artif. Intell..

[24]  Alexei Lapouchnian,et al.  Modeling Mental States in Agent-Oriented Requirements Engineering , 2006, CAiSE.

[25]  Gerhard Lakemeyer,et al.  Towards an Integration of Golog and Planning , 2007, IJCAI.