Contributions published at Requirements Engineering (Martin Glinz)

Information systems often have to fulfill requirements regarding their security. Many of these requirements cannot be addressed using technical measures alone. Organizations therefore rely on security policies which regulate how people work with their system and define the processes that are required to operate them. In practice, these policies are too often not followed correctly, which jeopardizes the security and reliability of the systems. This thesis proposes a modeling language based on existing information and process modeling standards. The language is used by security experts to specify security objects, such as cryptographic keys, and the processes that are required to manage them. The formal language aims to improve the quality of the policy documents which, in practice, are written predominantly in natural language. The thesis presents the policy support system, a workflow engine which enacts the models. This system assists users during the execution of a policy and thereby reduces the risk of human errors. In addition, it manages the lifecycle of security objects and notifies users about important events. A validation of the language and the policy support system showed promising results. The interviewed security experts agree that the models enhance the quality of the policy documents and that the support system reduces the risk of human errors. A long-term study would however be required to evaluate whether our approach can reduce the number of security incidents in practice.

In the emerging cloud computing context, satisfying customer needs has become a challenging task for providers. Often, cloud users are unable to express and communicate their needs. Or, they cannot imagine the solution corresponding to their problem. Consequently, a communication gap is identifiable, particularly affecting the first phase of requirements engineering, the process of eliciting relevant requirements, which gets prone to failure. Simultaneously, requirements elicitation is widely seen as an essential phase delivering successful software. Previous studies suggested that only few of currently available elicitation techniques can successfully be applied to designing cloud systems. This is mainly due to the highly complex context of cloud computing, and the existence of a communication gap between users and providers. Thus, the main objective of this thesis is to contribute with a new technique in the cloud context in order to elicit customer needs and thereby narrow the interaction gap between supply and demand.

In this thesis we investigate current methods and tools regarding continuous business process improvement. Although there are a lot of different methods and tools, most of them lack a distributed and bottom-up approach. We aim at creating a tool-based method that enables employees to submit spontaneous improvements regarding business processes. As opposed to most other methods and tools we also aim at using collaboration among employees to support further process improvement. So far we have implemented the tool-based method for iPhone and iPad and evaluated the method with walkthroughs and on-site testing regarding efficiency, effectivity and satisfaction.

The strong influence of requirements engineering on the success of software development projects raises the question of how requirements engineering should be performed best in iterative software development projects. In order to answer this question this master thesis investigated selected textbooks and conducted 26 assessments regarding the requirements engineering process with the help of a novel Requirements Engineering Assessment Guide. As a result the most important requirements engineering activities, strengths as well as pitfalls of the requirements engineering process in iterative software development which were mentioned in the literature are presented. Furthermore this master thesis describes typical as well as special findings which were observed during the conducted assessments. This work concludes with a comparison of the findings from literature and practice and shows that to a large extent practitioners implemented iterative requirements engineering as described in literature.

In this thesis we present a concept how to conduct metamodeling in FlexiSketch and show two possible usages of this metamodel information. Additionally, an evaluation with industry practitioners has been conducted where we could show that modeling experts are able to create accurate models with FlexiSketch. Additionally, we tested if they are able to develop a correct metamodel with FlexiSketch and discovered that answering this question is not straightforward. We learned that they were able to develop a syntactical correct metamodel, but we could not conclusively answer the questions if the metamodels are complete. Nevertheless, we found out that the inferred metamodel was consistent with the mental metamodel of the industry practitioners. Unfortunately, we saw that the creating metamodels with FlexiSketch is more time consuming and error-prone than letting the modeling experts draw them by hand. But the usage of FlexiSketch leads to more complete metamodels compared to the manually drawn ones. However, this is only a first prototype implementation and we give now a set of recommendations on which additional features must be implemented in the future.

The significant wide impact of mobile technologies (e.g., smartphones, tablets) and the difficulty of mastering their complexity (due to factors like constant emergence and evolution) pose new challenges to many (if not all) software engineering disciplines. We particularly see these challenges when thinking of average citizens that carry out their daily activities in smart environments where mobile technologies and sensors installed provide many potential advantages to support them. Applications that could enable informed decision-making are currently beyond what software developers can provide. This position paper discusses challenges, and highlights current approaches available in order to support decision-making for thoughtful living. We present an initial version of a comprehensive framework to overcome the challenges identified and analyse which software engineering research lines may help to implement it. A motivating scenario is used to conduct the discussion.

Requirements elicitation is widely seen as a crucial step towards delivering successful software. In the context of emerging cloud systems, the question is whether and how the elicitation process differs from that used for traditional systems, and if the current methods suffice. We interviewed 19 cloud providers to gain an in-depth understanding of the state of practice with regard to the adoption and implementation of existing elicitation methods. The results of this exploratory study show that, whereas a few cloud providers try to implement and adapt traditional methods, the large majority uses ad-hoc approaches for identifying consumer needs. There are various causes for this situation, ranging from consumer reachability issues and previous failed attempts, to a complete lack of development strategy. The study suggests that only a small number of the current techniques can be applied successfully in cloud systems, hence showing a need to research new ways of supporting cloud providers. The main contribution of this work lies in revealing what elicitation methods are used by cloud providers and clarifying the challenges related to requirements elicitation posed by the cloud paradigm. Further, we identify some key features for cloud-specific elicitation methods.

Requirements engineers often use whiteboards or pen and paper to draw diagrams during early requirements elicitation stages. FlexiSketch is envisioned to become an appealing alternative to these physical drawing spaces, as it also allows freely sketching all kinds of diagrams. The first prototype has been released in 2012 for Android devices. The main issue of this prototype is its limitation regarding metamodeling. There is a lack of functionalities to specify the modeling language. The goal of this thesis is to extend the FlexiSketch prototype with metamodeling functionality. Different concepts have been created and evaluated, of how metamodel information with its key elements can be inferred from the user drawings, and what information can only be received by asking the user explicitly. Based on the evaluation of the concepts a wizard has been implemented supporting metamodeling functionality. It can be shown that the new feature is a valuable approach to extract the required metamodel information from the user.

Shared understanding is essential for efficient communication in software development and evolution projects when the risk of unsatisfactory outcome and rework of project results shall be low. Today, however, shared understanding is used mostly in an unreflected, intuitive way. This is particularly true for implicit shared understanding. In this paper, we investigate the role, value and usage of shared understanding in Software Engineering. We contribute a reflected analysis of the problem, in particular of how to rely on implicit shared understanding. We discuss enablers and obstacles, compile existing practices for dealing with shared understanding, and present a roadmap for improving knowledge and practice in this area.

Usability and accessibility issues are common causes why software fails to meet user requirements. However, requirements engineers still focus on functional requirements and might ignore to also elicit system usability and accessibility requirements. This is a high risk which can lead to project and software failure. Improving the usability and accessibility of a system in a later development stage is costly and time consuming. Targeting these concerns, the workshop envisioned that research must address the proper integration of system usability and accessibility requirements into the requirements engineering process and also must focus on how to manage and control the evaluation of these requirements in a systematic way. UsARE 2012 provided a platform for discussing issues which are relevant for both fields, the Requirements Engineering (RE) and the Human Computer Interaction (HCI). The workshop aim was to bring\ together people from these two communities (RE and HCI) to explore this integration. Researchers and practitioners were invited to submit contributions including problem statements, technical solutions, experience reports, planned work and vision papers. Envisioned results may help aligning RE and HCI processes in order to overcome open issues in these fields.

A model is an abstract representation of an entity created for a given purpose. Software engineers use many kinds of models in various contexts, ranging from informal models sketched on a whiteboard to executable models deployed in a production environment. Among other qualities, a "good" model is at the right level of abstraction. Indeed, a model that is too abstract may lead to imprecise or incorrect conclusions while a model that is too detailed is larger and more complex than necessary. One way or the other, a model loses much of its value if it is at the wrong level of abstraction. Today, modelers must rely on their instinct and experience to decide how much and what detail is worth including in a model. This ad-hoc form of modeling may result in models that are either too abstract or too detailed for their intended use. We believe that building models at the right level of abstraction is too important to depend solely on the modeler's skill. Thus, our research aims at providing modelers with an objective measurement of a model's abstractness and systematic guidance to attain the right level of abstraction. In this thesis, we present MiRiA (which stands for Modeling at the Right level of Abstraction), an approach split in two parts. The first part is a metamodeling activity, where the purpose of a model is captured and operationalized with a set of model operations — such as analysis, queries, simulations and transformations — and a metamodel supporting them. This step ensures that both the modeler and the users share the same understanding of the model's purpose. The second part of MiRiA consists in confronting a model with its usage by a set of model operations. When performed on a model, an operation computes new information based on the information stored in the model. During its execution, it navigates through the content of the model and gathers relevant information from model elements. The set of elements accessed by a model operation during its execution forms the footprint of that operation. The comparison between the actual and expected footprint reveals excessive information in the model or suggests information missing from it. Based on these indications, the modelers can improve their models by simplifying or extending them until they reach the right level of abstraction.

In this paper, we report on our experience with the application of validated models to assess performance, reliability, and adaptability of a complex mission critical system that is being developed to dynamically monitor and control the position of an oil-drilling platform. We present real-time modeling results that show that all tasks are schedulable. We performed stochastic analysis of the distribution of task execution time as a function of the number of system interfaces. We report on the variability of task execution times for the expected system configurations. In addition, we have executed a system library for an important task inside the performance model simulator. We report on the measured algorithm convergence as a function of the number of vessel thrusters. We have also studied the system architecture adaptability by comparing the documented system architecture and the implemented source code. We report on the adaptability findings and the recommendations we were able to provide to the system’s architect. Finally, we have developed models of hardware and software reliability. We report on hardware and software reliability results based on the evaluation of the system architecture.

The existence of an up-to-date requirements specification is very crucial for software evolution. In fact, the requirements specification facilitates program comprehension, gives the rationale behind the implementation, prevents undoing important decisions and serves as a basis to discuss feature changes with stakeholders. Despite their importance, requirements specifications are rarely kept up-to-date. This is mainly due to the high-costs of the approaches used nowadays to maintain them. In fact, requirements maintenance is still a manual task that requires the engineer to go through the whole requirements document, which can be hundreds or thousands of pages, and look for the parts that need to be changed. In this thesis, we explore new ways to reduce the effort needed to maintain the requirements specification. We propose two approaches, one based on tests and one based on code, to automatically identify the parts of the requirements specification that become outdated when the implementation is changed. In the code-based approach, which is the main contribution of the thesis, we compare two versions of the source code, identify the relevant vi — changes and trace these changes back to the requirements to identify the parts that are impacted. When applying the approach to two case studies, it identified 70% to 100% of the outdated requirements within a list including less than 20% of the total number of requirements in the specification. Automatically identifying the requirements that are likely to be outdated should reduce the effort needed for requirements maintenance and thus encourage maintainers to regularly update the specification. Zusammenfassung Die Verfügbarkeit einer aktuellen Anforderungsspezifikation ist von grosser Bedeutung für die Software-Evolution. Eine Anforderungsspezifikation erleichtert das Programmverständnis, liefert die Beweggründe für die Implementierung, verhindert, dass wichtige Entscheidungen versehentlich rückgängig gemacht werden und dient als Grundlage zur Diskussion von Funktionsänderungen mit Interesseneignern (Stakeholdern). In realen Projekten allerdings werden Anforderungsspezifikationen selten gepflegt bzw. aktuell gehalten. Dies ist vor allem bedingt durch den hohen Aufwand, den die heutigen Ansätze erfordern. Faktisch ist die Pflege der Anforderungsspezifikation heute noch ein manueller Prozess, bei dem die verantwortliche Person das gesamte Anforderungsdokument, welches hunderte oder tausende von Seiten umfassen kann, durch- lesen muss, um die zu aktualisierenden Stellen zu identifizieren. In dieser Arbeit untersuchen wir neue Ansätze, um den Aufwand für die Pflege der Anforderungsspezifikation zu reduzieren. Wir schlagen zwei automatisierte Methoden vor, um diejenigen Teile der Anforderungsspezifikation zu identifizieren, die bei einer Änderung in der Implementierung angepasst werden müssen. Eine der beiden Methoden ist testbasiert, die andere quellcodebasiert. In der quellcodebasierten Methode, die den wichtigsten Beitrag dieser Arbeit darstellt, werden zwei Versionen des Quellcodes verglichen, relevante Anderungen identifiziert und diese zu den zugehörigen Anforderungen zurückverfolgt. Bei der Anwendung dieser Methode auf zwei Fallstudien wurden 70% bis 100% der nicht mehr aktuellen Anforderungen identifiziert, und dies in einer Liste mit weniger als 20% der gesamten Anforderungen. Die automatische Ermittlung der Anforderungen, welche bei einer Anderung im Code mit grosser Wahrscheinlichkeit nicht mehr aktuell sind, sollte den Aufwand für die Pflege der Anforderungen reduzieren und dadurch die Pflege- verantwortlichen motivieren, nicht nur den Code, sondern auch die Anforderungsspezifikation zu pflegen und aktuell zu halten.

Although most software engineers have access to various modeling tools, they often use paper and pencil to sketch ideas and to support modeling activities. This is particularly true when they are working in the field, for example gathering requirements from stakeholders. Sketches documented on paper very often need to be re-modeled in order to allow further processing – an error-prone and time-consuming task. The aim of our work is to better integrate these early sketching and modeling activities into the overall software engineering process. We have prototyped FlexiSketch, a mobile application that supports freeform, flexible, in-situ modeling and allows software engineers to annotate their models. Apart from the application and the underlying conceptual solution we also present the results of initial experiments. Those suggest that the tool supports freeform sketching similar to paper and pencil, and that practitioners would be willing to use a tool like FlexiSketch in their daily work.

Quality requirements are main drivers for architectural decisions of software systems. However, in practice they are often dismissed during development, because of initially unknown dependencies and consequences that complicate implementation. To decide for meaningful, feasible quality requirements and trade them off with functional requirements, tighter integration of software architecture evaluation and requirements prioritization is necessary. In this position paper, we propose a tool-supported method for architecture-driven feedback into requirements prioritization. Our method uses automated design space exploration based on quantitative quality evaluation of software architecture models. It helps requirements analysts and software architects to study the quality trade-offs of a software architecture, and use this information for requirements prioritization.

With the recent emergence of cloud computing, the number of cloud service providers is constantly increasing and consumers’ needs are becoming more sophisticated. This situation leads to an evident need for methods which enable providers to correctly elicit requirements coming from very heterogeneous consumers. Moreover, consumers demand ways to find the cloud services which best meet their needs. We propose to address the issues identified by creating the StakeCloud community platform, capable of working as a cloud resources marketplace. It will allow users to input their resource needs and provide them with matching cloud services. Additionally, in case these are not met, they can be communicated as new requirements to cloud providers. Such a contribution will improve the requirements communication and resource identification in cloud systems, bridging the gap between consumers and providers.

Early stage requirements models are often documented using paper and pencil-based approaches. In our current research, we are exploring lightweight modeling tools and approaches that could provide a beneficial alternative. We have developed the FlexiSketch tool prototype which combines support for free-form sketching with lightweight metamodeling capabilities. This creates the possibility for an automatic transcription of the documented information in later modeling stages. The tool is designed to be used on tablet devices.

When modeling requirements, software analysts have to choose the relevant modeling constructs among all those available. If they do not choose the right set, their model may lack some important information or their model may contain many superfluous details. In previous work, we proposed to capture the purpose of a model with a set of model operations such as queries or model transformations. Then, modelers can analyze the footprints of these operations, that is, the set of model elements touched during their execution.In this paper, we report on two controlled experiments performed with students to evaluate whether footprinting can help them in creating better models. While our studies did not demonstrate statistically significant benefits of footprinting, they reveal the importance of training and tool support for the analysis of footprints.

Keeping requirements specifications up-to-date when systems evolve is a manual and expensive task. Software engineers have to go through the whole requirements document and look for the requirements that are affected by a change. Consequently, engineers usually apply changes to the implementation directly and leave requirements unchanged. In this paper, we propose an approach for automatically detecting outdated requirements based on changes in the code. Our approach first identifies the changes in the code that are likely to affect requirements. Then it extracts a set of keywords describing the changes. These keywords are traced to the requirements specification, using an existing automated traceability tool, to identify affected requirements. Automatically identifying outdated requirements reduces the effort and time needed for the maintenance of requirements specifications significantly and thus helps preserve the knowledge contained in them. We evaluated our approach in a case study where we analyzed two consecutive source code versions and were able to detect 12 requirements-related changes out of 14 with a precision of 79%. Then we traced a set of keywords we extracted from these changes to the requirements specification. In comparison to simply tracing changed classes to requirements, we got better results in most cases.