Argumentation-based Methodology for Goal-oriented Requirements Language (GRL)

Goal-oriented Requirements Language (GRL) aims to capture goals and non-functional requirements of stakeholders and analyzing alternative solutions for realizing these goals. GRL also documents the rationale behind selecting certain goals or alternatives. However, it does not have any means to document and trace back all of the arguments that occur during the stakeholder’s discussion process. To address this, we have developed the RationalGRL framework. RationalGRL combines techniques for formal argumentation from artificial intelligence with goal modeling in GRL. However, we did not specify how practitioners can actually use this framework. In this paper we discuss the methodology for RationalGRL, which consists of two processes, goal modeling and argumentation, that can be done interchangeably. We motivate our approach with an example

Finding and Resolving Security Misusability with Misusability Cases

Although widely used for both security and usability concerns, scenarios used in security design may not necessarily inform the design of usability, and vice- versa. One way of using scenarios to bridge security and usability involves explicitly describing how design deci- sions can lead to users inadvertently exploiting vulnera- bilities to carry out their production tasks. This paper describes how misusability cases, scenarios that describe how design decisions may lead to usability problems sub- sequently leading to system misuse, address this problem. We describe the related work upon which misusability cases are based before presenting the approach, and illus- trating its application using a case study example. Finally, we describe some findings from this approach that further inform the design of usable and secure systems

RationalGRL: A Framework for Argumentation and Goal Modeling

Goal-oriented requirements modeling approaches aim to capture the intentions of the stakeholders involved in the development of an information system as goals and tasks. The process of constructing such goal models usually involves discussions between a requirements engineer and a group of stakeholders. Not all the arguments in such discussions can be captured as goals or tasks: e.g., the discussion whether to accept or reject a certain goal and the rationale for acceptance or rejection cannot be captured in goal models. In this paper, we apply techniques from computational argumentation to a goal modeling approach by using a coding analysis in which stakeholders discuss requirements for a Traffic Simulator. We combine a simplified version of a traditional goal model, the Goal-oriented Requirements Language (GRL), with ideas from argumentation on schemes for practical reasoning into a new framework (RationalGRL). RationalGRL provides a formal semantics and tool support to capture the discussions and outcomes of the argumentation process that leads to a goal model. We also define the RationalGRL development process to create a RationalGRL model

Theory of Regulatory Compliance for Requirements Engineering

Regulatory compliance is increasingly being addressed in the practice of requirements engineering as a main stream concern. This paper points out a gap in the theoretical foundations of regulatory compliance, and presents a theory that states (i) what it means for requirements to be compliant, (ii) the compliance problem, i.e., the problem that the engineer should resolve in order to verify whether requirements are compliant, and (iii) testable hypotheses (predictions) about how compliance of requirements is verified. The theory is instantiated by presenting a requirements engineering framework that implements its principles, and is exemplified on a real-world case study.Comment: 16 page

A comparative analisys of i*-based agent-oriented modeling languages

Agent-oriented models are frequently used in disciplines such as requirements engineering and organizational process modelling. i* is currently one of the most widespread notations used for this purpose. Due to its strategic nature, instead of a single definition, there exist several versions and variants, often not totally defined and even contradictory. In this paper we present a comparative study of the three most widespread i* variants: Eric Yu’s seminal proposal, the Goal-oriented Requirement Language (GRL) and the language used in the TROPOS method. Next, we propose a generic conceptual model to be used as reference framework of these three variants and we show its use for generating specific models for the three mentioned variants, as well as for other existing proposals.Peer ReviewedPostprint (author’s final draft

Identifying Implicit Vulnerabilities through Personas as Goal Models

When used in requirements processes and tools, personas have the potential to identify vulnerabilities resulting from misalignment between user expectations and system goals. Typically, however, this potential is unfulfilled as personas and system goals are captured with different mindsets, by different teams, and for different purposes. If personas are visualised as goal models, it may be easier for stakeholders to see implications of their goals being satisfied or denied, and designers to incorporate the creation and analysis of such models into the broader RE tool-chain. This paper outlines a tool-supported approach for finding implicit vulnerabilities from user and system goals by reframing personas as social goal models. We illustrate this approach with a case study where previously hidden vulnerabilities based on human behaviour were identified

Ontological analysis of means-end links

The i* community has raised several main dialects and dozens of variations in the definition of the i* language. Differences may be found related not just to the representation of new concepts but to the very core of the i* language. In previous work we have tackled this issue mainly from a syntactic point of view, using metamodels and syntactic-based model interoperability frameworks. In this paper, we go one step beyond and consider the use of foundational ontologies in general, and UFO in particular, as a way to clarify the meaning of core i* constructs and as the basis to propose a normative definition. We focus here on one of the most characteristics i* constructs, namely means-end links.Postprint (published version