Validating personal requirements by assisted symbolic behavior browsing

Risks and hazards abound for users of today's large scale distributed telecommunications and e-commerce systems. Service nodes are documented loosely and incompletely, omitting functional details that can violate stakeholder requirements and thwart high level goals. For example, it is not enough to know that a book finding service locates a book for no more than a set price; does the chosen book vendor use an acceptable delivery mode and service? Does it retain or abuse personal information? The OpenModel paradigm provides the basis for a solution: instead of interface information alone, each node publishes a behavioral model of itself. However, large scale and multi-stakeholder systems rule out the use of traditional validation technologies, because state spaces are far too large and incompletely known to support concrete simulation, exhaustive search, or formal proof. Moreover, high level personal requirements like privacy, anonymity, and task success are impossible to formalize completely. This work describes a new methodology, assisted symbolic behavior browsing, and an implemented tool, GSTVIEW, that embodies it to help the user recognize potential violations of high level requirements. The paper also describes case studies of applying GSTVIEW in the domains of email and Web services.
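The abstract contrasts a node's interface (which says only what a service accepts and returns) with a published behavioral model (which exposes what the node does with the request along the way), and describes a tool that helps a user spot behaviors that conflict with personal requirements they cannot fully formalize. The following is an added illustration of that idea, not code from the paper, GSTVIEW, or the OMML format: a constructed toy transition system for a book-vendor node, with each transition tagged by its symbolic effects on personal data and delivery, and a user's concern expressed as a predicate over those tags. The model is small enough to enumerate exhaustively, which the paper says is impossible for real OpenModel systems; the point here is only to show how a behavioral model lets a requirement like "do not share my details with anyone but the carrier" be checked when the interface alone could not reveal the violation.

```python
from dataclasses import dataclass
from typing import Callable, FrozenSet, List, Set, Tuple

# Constructed toy behavioral model of a book-vendor service node.
# The model format, state names, and effect tags are hypothetical and
# not the paper's OMML format or GSTVIEW's internal representation.


@dataclass(frozen=True)
class Transition:
    src: str
    dst: str
    action: str
    effects: FrozenSet[str]  # symbolic tags such as "stores:card", "shares:email:partner"


def t(src: str, dst: str, action: str, *effects: str) -> Transition:
    return Transition(src, dst, action, frozenset(effects))


# The interface alone would only say: find_book(title, max_price) -> order.
# The behavioral model exposes what happens behind that interface.
BOOK_VENDOR: List[Transition] = [
    t("idle", "quoted", "find_book", "reads:title", "reads:max_price"),
    t("quoted", "paying", "accept_quote", "reads:card", "reads:address"),
    t("paying", "shipping", "charge_card", "stores:card"),
    t("paying", "idle", "decline"),
    t("shipping", "done", "ship_courier", "shares:address:courier", "delivery:courier"),
    t("shipping", "done", "ship_postal", "shares:address:postal", "delivery:postal"),
    t("done", "idle", "marketing_optin", "shares:email:partner"),
    t("done", "idle", "close"),
]

Path = Tuple[Transition, ...]


def simple_paths(model: List[Transition], start: str, end: str, max_len: int = 8) -> List[Path]:
    """Bounded enumeration of paths from start to end through the model.
    A path is recorded the first time it reaches `end` with at least one step;
    the length cap keeps enumeration finite on models with loops."""
    out: List[Path] = []
    stack: List[Tuple[str, Path]] = [(start, ())]
    while stack:
        state, path = stack.pop()
        if path and state == end:
            out.append(path)
            continue
        if len(path) >= max_len:
            continue
        for tr in model:
            if tr.src == state:
                stack.append((tr.dst, path + (tr,)))
    return out


def path_effects(path: Path) -> FrozenSet[str]:
    return frozenset(e for tr in path for e in tr.effects)


def flag(model: List[Transition], start: str, end: str,
         concern: Callable[[str], bool]) -> List[Tuple[Path, FrozenSet[str]]]:
    """Return every path whose effects the user's concern predicate flags,
    together with the offending effect tags, for the user to review."""
    hits = []
    for path in simple_paths(model, start, end):
        bad = frozenset(e for e in path_effects(path) if concern(e))
        if bad:
            hits.append((path, bad))
    return hits


def behaviors(model: List[Transition], start: str, end: str) -> Set[FrozenSet[str]]:
    """Collapse concrete paths to their distinct effect sets, so a user browses
    a handful of behaviors rather than every individual path."""
    return {path_effects(p) for p in simple_paths(model, start, end)}


# Hypothetical user concerns; the abstract notes such requirements cannot be
# formalized completely, so these predicates only approximate them.
TRUSTED_RECIPIENTS = {"courier", "postal"}


def shares_with_untrusted(effect: str) -> bool:
    parts = effect.split(":")
    return parts[0] == "shares" and parts[-1] not in TRUSTED_RECIPIENTS


def retains_card(effect: str) -> bool:
    return effect == "stores:card"


def unacceptable_delivery(effect: str) -> bool:
    return effect.startswith("delivery:") and effect != "delivery:courier"


if __name__ == "__main__":
    for concern in (shares_with_untrusted, retains_card, unacceptable_delivery):
        hits = flag(BOOK_VENDOR, "idle", "idle", concern)
        print(f"{concern.__name__}: {len(hits)} path(s) flagged")
        for path, bad in hits:
            print("  " + " -> ".join(tr.action for tr in path), "|", sorted(bad))
```

Running the block lists, per concern, the order paths that touch a flagged effect; for `shares_with_untrusted` only the two paths through `marketing_optin` are flagged, something a caller of `find_book` could never learn from the interface. The `behaviors` function is the toy counterpart of "assisted" browsing: it presents the distinct observable behaviors rather than the raw path list, which is the kind of reduction a user needs once models are too large to read path by path.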
