Bridging User-Centered Design and Requirements Engineering with GRL and Persona Cases

Despite the large body of i* research, there has been com- paratively little work on how goal-modelling techniques can help identify usability concerns. Recent work has considered how goal models might better integrate with User-Centered Design. This paper takes an alterna- tive perspective by examining how work in User-Centered Design, specifi- cally Persona Cases, can be re-framed as goal models. We briefly describe an approach for doing this, and present some preliminary results from applying this approach using the Goal-oriented Requirements Language and existing tool support

Finding and Resolving Security Misusability with Misusability Cases

Although widely used for both security and usability concerns, scenarios used in security design may not necessarily inform the design of usability, and vice- versa. One way of using scenarios to bridge security and usability involves explicitly describing how design deci- sions can lead to users inadvertently exploiting vulnera- bilities to carry out their production tasks. This paper describes how misusability cases, scenarios that describe how design decisions may lead to usability problems sub- sequently leading to system misuse, address this problem. We describe the related work upon which misusability cases are based before presenting the approach, and illus- trating its application using a case study example. Finally, we describe some findings from this approach that further inform the design of usable and secure systems

Eliciting and Visualising Trust Expectations using Persona Trust Characteristics and Goal Models

Developers and users rely on trust to simplify complexity when building and using software. Unfortunately, the invisibility of trust and the richness of a system’s context of use means that factors influencing trust are difficult to see, and assessing its implications before a system is built is complex and time-consuming. This paper presents an approach for eliciting and visualising differences between trust expectations using persona cases, goal models, and complementary tool support. We evaluate our approach by using it to identify misplaced trust expectations in a software infrastructure by its users and application developers

Identifying Implicit Vulnerabilities through Personas as Goal Models

When used in requirements processes and tools, personas have the potential to identify vulnerabilities resulting from misalignment between user expectations and system goals. Typically, however, this potential is unfulfilled as personas and system goals are captured with different mindsets, by different teams, and for different purposes. If personas are visualised as goal models, it may be easier for stakeholders to see implications of their goals being satisfied or denied, and designers to incorporate the creation and analysis of such models into the broader RE tool-chain. This paper outlines a tool-supported approach for finding implicit vulnerabilities from user and system goals by reframing personas as social goal models. We illustrate this approach with a case study where previously hidden vulnerabilities based on human behaviour were identified

Software for Interactive Secure Systems Design: Lessons Learned Developing and Applying CAIRIS

As systems become more complex, the potential for security vulnerabilities being introduced increases. If we are to provide assurances about systems we design then we need the means of analysing, managing, and generally making sense of the data that contributes to the design. Unfortunately, despite ongoing research into tools for supporting secure software development, there are few examples of how tools can be used to help build and support design models associated with security and usability. This paper summarises some of our experiences developing and applying CAIRIS: a requirements management tool for usable and secure system design. We describe our motivation for building CAIRIS, summarise how it was built and evaluated, and present our experiences applying it to real world case studies

Organization Goal-Oriented Requirements Elicitation Process to Enhance Information System

This paper introduces and proposes an approach in goal-oriented requirements elicitation process that using Key Performance Indicators (KPIs), in information system enhancement process. KPIs can be used to control and reduce user requirements problems caused by personal interests of users in requirements elicitation process. An information system enhancement project for a distribution company has been used as a case study to demonstrate this approach. The case study shows that the requirements can be elicited from the organization goals and current information system condition rather than from user requirements. This approach also showed that KPIs have been able to control some user requirements that have difference point of view with high level stakeholder requirements. Compared with the previous research, IT goals and KPIs are more easily identified in the enhancement process rather than through development of a brand new information system

Ontological analysis of means-end links

The i* community has raised several main dialects and dozens of variations in the definition of the i* language. Differences may be found related not just to the representation of new concepts but to the very core of the i* language. In previous work we have tackled this issue mainly from a syntactic point of view, using metamodels and syntactic-based model interoperability frameworks. In this paper, we go one step beyond and consider the use of foundational ontologies in general, and UFO in particular, as a way to clarify the meaning of core i* constructs and as the basis to propose a normative definition. We focus here on one of the most characteristics i* constructs, namely means-end links.Postprint (published version

A persona-based modelling for contextual requirements

[Context & Motivation] Personas are a technique used to guide developing products accommodating people diversity. They are archetypes reflecting common combinations of users’ characteristics, needs and goals. Persons can add a human-centred facet to requirements engineering practice which is often revolving around the concept of business roles. [Question/Problem] Goal modelling is an example of mainstream requirements engineering approach driven by business roles and their responsibilities and needs represented as goals. Personnel in the system are expected to act according to this prescriptive specification. Personnel diversity is often seen as a customization and design issue. [Principal idea/Results]. In this paper we propose to consider such diversity as a conditional context in requirements modelling and, as an approach, augment Contextual Goal Model (CGM) with personas as a new contextual dimension. Additionally, we propose an algorithm to analyse the achievability of CGM goals in the presence of the personas contexts variation. We evaluate our approach using a Mobile Personal Emergency Response System (MPERS) implemented as a prototype. [Contribution] Our persona-based modelling approach paves the way to augment requirements with a consideration of people diversity and enrich the business perspective with a more user-centred design facet

Visualising Personas as Goal Models to Find Security Tensions

This paper presents a tool-supported approach for visualising personas as social goal models, which can subsequently be used to identify security tensions. We devised an approach for partially automating the construction of social goal models from personas. We provide two examples of how this approach can be used to identify previously hidden implicit vulnerabilities, and validate ethical hazards faced by penetration testers and safeguards that address them. Visualising personas as goal models makes it easier for stakeholders to see implications of their goals being satisfied or denied, and designers to incorporate the creation and analysis of such models into the broader RE tool-chain. Our approach can be adopted with minimal changes to existing User Experience (UX) and goal modelling approaches and Security Requirements Engineering tools

Designing for cyber security risk-based decision making.

Techniques for determining and applying cyber security decisions typically follow risk- based analytical approaches where alternative options are put forward based on goals and context, and weighed in accordance to risk severity metrics. These decision making approaches are however difficult to apply in risk situations bounded by uncertainty as decision alternatives are either unknown or unclear. This problem is further compounded by the rarity of expert security decision makers and the far-reaching repercussions of un-informed decision making. The nature of operations in cyber security indicates that only a handful of systems are independent of the human operators, exposing the majority of organisations to risk from security threats and risks as a product of human decision making limitations. Addressing the problem requires considering factors contributing to risk and uncertainty during the early stages of system design, motivating the development of systems that are not only usable and secure, but that facilitate informed decision making as a central goal. The thesis investigates this by posing the question; what system design techniques should be taken into consideration to facilitate cyber security decision making during situations of risk and uncertainty? The research was approached qualitatively with interviews as the main data elicitation approach. Grounded Theory was applied to five security decision making studies to inductively elicit, model, and validate design requirements for Risk-based Decision Making in cyber security. Contributions arising from thesis work are: an identification of factors contributing to security analysts’ risk practices and understanding, a model for communicating and tracing risk rationalisation by cyber security decision makers, a conceptual model illustrating the various concepts in cyber security decision making and their relationship, and guidelines and suggested implementation techniques guiding the specification of requirements for systems deployed in cyber security Risk-based Decision Making. The thesis is validated by applying the proposed design guidelines to inform an approach used to design a charity’s secure data handling policy