Eliciting and specifying requirements for highly interactive systems using activity theory

The processes of eliciting user requirements and formalising these into specifications are critical for the success of highly interactive systems. These processes are still poorly understood, partly because current methods are usually ad hoc and lack any theoretical basis. A number of researchers have used Activity Theory (AT) to refine these processes and have met with some success. To date, this approach has been more useful explaining the processes post hoc. This positional paper proposes an AT method for requirement elicitation and specification definition. The method is sufficiently prescriptive and well formed that it does not require any detailed understanding of AT

The two cultures and the internet revolution

The service-orientation paradigm has not only become prevalent in the software systems domain in recent years, but is also increasingly applied on the business level to restructure organisational capabilities. In this paper, we present the results of an extensive literature review of 30 approaches related to service identification and analysis for both domains. Based on the consolidation of a superset of comparison criteria for service-oriented methodologies found in related literature, we compare and evaluate the different characteristics of service engineering methods with a focus on service analysis. Although a close business and IT alignment is regarded as one of the core beneficial promises of service-orientation, our analysis suggests that there is a lack of unified, comprehensive methodology for service identification and analysis integrating and addressing both domains. Thus, we discuss how our results can inform directions for future research in this area

Integrating Security into the Undergraduate Software Engineering Curriculum

This research included a thorough examination of the existing software assurance or what is commonly called software security knowledge, methodologies and what information security technologies is currently being recommended by the information technology community. Finally it is demonstrated how this security knowledge could be incorporated into the curriculum for undergraduate software engineering

Collaborative Requirements Engineering Notation for Planning Globally Distributed Projects

Requirements engineering represents a critical phase of the software development lifecycle in which requirements describing the functional and non-functional behaviors of a system are elicited, modeled, analyzed, negotiated, agreed, and specified. In traditional software systems these tasks are typically performed in face-to-face meetings between requirements engineers and the project level stakeholders. However, in today’s global software development environment, it is becoming increasingly commonplace for stakeholders to be dispersed across multiple geographical locations and time zones. Under these circumstances, face-to-face meetings become expensive, and often impossible to facilitate, and as a result the success of the requirements process relies, at least partially, on tools and processes that support distributed communication and collaboration. To investigate the challenges and effective practices for performing requirements activities in distributed environments, we conducted a series of in-depth interviews with project managers and business analysts who have worked with non-co-located stakeholders. Since many project managers fail to plan and deploy the necessary infrastructures to support quality communication, and in practice requirements are often elicited and managed via email exchanges; we introduced a visual modeling notation to help project managers proactively plan the collaboration infrastructures needed to support requirements-related activities in globally distributed projects. An underlying meta-model defines the elements of the modeling language, including locations, stakeholder roles, communication flows, critical documents, and supporting tools and repositories. The interview findings were further analyzed to identify practices that led to success or created significant challenges for the projects; resulting in a set of patterns for globally distributed requirements engineering

Initiating organizational memories using ontology network analysis

One of the important problems in organizational memories is their initial set-up. It is difficult to choose the right information to include in an organizational memory, and the right information is also a prerequisite for maximizing the uptake and relevance of the memory content. To tackle this problem, most developers adopt heavy-weight solutions and rely on a faithful continuous interaction with users to create and improve its content. In this paper, we explore the use of an automatic, light-weight solution, drawn from the underlying ingredients of an organizational memory: ontologies. We have developed an ontology-based network analysis method which we applied to tackle the problem of identifying communities of practice in an organization. We use ontology-based network analysis as a means to provide content automatically for the initial set up of an organizational memory

Security-Driven Software Evolution Using A Model Driven Approach

High security level must be guaranteed in applications in order to mitigate risks during the deployment of information systems in open network environments. However, a significant number of legacy systems remain in use which poses security risks to the enterprise’ assets due to the poor technologies used and lack of security concerns when they were in design. Software reengineering is a way out to improve their security levels in a systematic way. Model driven is an approach in which model as defined by its type directs the execution of the process. The aim of this research is to explore how model driven approach can facilitate the software reengineering driven by security demand. The research in this thesis involves the following three phases. Firstly, legacy system understanding is performed using reverse engineering techniques. Task of this phase is to reverse engineer legacy system into UML models, partition the legacy system into subsystems with the help of model slicing technique and detect existing security mechanisms to determine whether or not the provided security in the legacy system satisfies the user’s security objectives. Secondly, security requirements are elicited using risk analysis method. It is the process of analysing key aspects of the legacy systems in terms of security. A new risk assessment method, taking consideration of asset, threat and vulnerability, is proposed and used to elicit the security requirements which will generate the detailed security requirements in the specific format to direct the subsequent security enhancement. Finally, security enhancement for the system is performed using the proposed ontology based security pattern approach. It is the stage that security patterns derived from security expertise and fulfilling the elicited security requirements are selected and integrated in the legacy system models with the help of the proposed security ontology. The proposed approach is evaluated by the selected case study. Based on the analysis, conclusions are drawn and future research is discussed at the end of this thesis. The results show this thesis contributes an effective, reusable and suitable evolution approach for software security

A Comprehensive Analysis of Literature Reported Software Engineering Advancements Using AHP

The paper provides a various potential improvements in software engineering using analytic hierarchical processing (AHP). The presented work could support in assessing the selection of process, project, methods and tools depending on various situations encounter during software engineering. AHP belongs to Multi Criteria Decision making methods which seems to be a continuous research to solve critical and complex scientific and software engineering applications. This paper discusses existing key research contributions and their advancements in the areas of both software engineering and in combination of AHP with software engineering