5 research outputs found
Dependency-Aware Software Requirements Selection using Fuzzy Graphs and Integer Programming
Software requirements selection aims to find an optimal subset of the
requirements with the highest value while respecting the project constraints.
But the value of a requirement may depend on the presence or absence of other
requirements in the optimal subset. Such Value Dependencies, however, are
imprecise and hard to capture. In this paper, we propose a method based on
integer programming and fuzzy graphs to account for value dependencies and
their imprecision in software requirements selection. The proposed method,
referred to as Dependency-Aware Software Requirements Selection (DARS), is
comprised of three components: (i) an automated technique for the
identification of value dependencies from user preferences, (ii) a modeling
technique based on fuzzy graphs that allows for capturing the imprecision of
value dependencies, and (iii) an Integer Linear Programming (ILP) model that
takes into account user preferences and value dependencies identified from
those preferences to reduce the risk of value loss in software projects. Our
work is verified by studying a real-world software project. The results show
that our proposed method reduces the value loss in software projects and is
scalable to large requirement sets.Comment: arXiv admin note: text overlap with arXiv:2003.0480
Evaluating fault tolerance in security requirements of web services.
It is impossible to identify all of the internal and
external security faults (vulnerabilities and threats) during the security analysis of web services. Hence, complete fault prevention would be impossible and consequently a security failure may occur within the system. To avoid security failures, we need to provide a measurable level of fault tolerance in the security requirements of target web service. Although there are
some approaches toward assessing the security of web services but still there is no well-defined evaluation model for security improvement specifically during the requirement engineering phase. This paper introduces a measurement model for evaluating the degree of fault tolerance (FTMM) in security requirements of web services by explicitly factoring the mitigation techniques into the evaluation process which eventually contributes to required level of fault tolerance in security requirements. Our approach evaluates overall tolerance of the target service in the presence of the security faults through
evaluating the computational security requirement model (SRM) of the service. We measure fault tolerance of the target web service by taking into consideration the cost, technical ability, impact and flexibility of the security goals established to mitigate the security fault