Arguing security: validating security requirements using structured argumentation
This paper proposes using both formal and structured informal arguments to show that an eventual realized system can satisfy its security requirements. These arguments, called 'satisfaction arguments', consist of two parts: a formal argument based upon claims about domain properties, and a set of informal arguments that justify the claims. Building on our earlier work on trust assumptions and security requirements, we show how using satisfaction arguments assists in clarifying how a system satisfies its security requirements, in the process identifying those properties of domains that are critical to the requirements.
An integrated framework for representing design history
Design is a difficult and complex process requiring creativity, experience, domain knowledge, and problem solving skills. Much of the information that is used and generated during the design process is rarely explicitly recorded. This includes the reasons why design decisions were made. This information is commonly referred to as design rationale (DR). As a result, many of the tasks that are performed during the design process are still poorly understood, and modifications to designs can have unforeseen and possibly dangerous consequences. [Continues.]
The treatment of non-functional requirements in MIKE
... this paper it is shown how non-functional requirements are modelled in MIKE, an approach to the development of knowledge-based systems. A semi-formal hypermedia-based model is used to describe the results of the elicitation and interpretation of non-functional requirements and their relationships. Non-functional requirements are the driving force behind the decisions taken in the design phase of MIKE. The impact of non-functional requirements on design decisions and interdependencies between design decisions are explicitly recorded in an additional model in MIKE, thus resulting in a rich documentation of the rationale of design decisions and also providing an important contribution to the traceability of these requirements.
Arguing satisfaction of security requirements
This chapter presents a process for security requirements elicitation and analysis, based around the construction of a satisfaction argument for the security of a system. The process starts with the enumeration of security goals based on assets in the system, then uses these goals to derive security requirements in the form of constraints. Next, a satisfaction argument for the system is constructed, using a problem-centered representation, a formal proof to analyze properties that can be demonstrated, and structured informal argumentation of the assumptions exposed during construction of the argument. Constructing the satisfaction argument can expose missing and inconsistent assumptions about system context and behavior that affect security, and a completed argument provides assurances that a system can respect its security requirements.
End-to-End Rationale Reconstruction
The logic behind design decisions, called design rationale, is very valuable. In the past, researchers have tried to automatically extract and exploit this information, but prior techniques are only applicable to specific contexts and there is insufficient progress on an end-to-end rationale information extraction pipeline. Here we outline a path towards such a pipeline that leverages several Machine Learning (ML) and Natural Language Processing (NLP) techniques. Our proposed context-independent approach, called Kantara, produces a knowledge graph representation of decisions and of their rationales, which considers their historical evolution and traceability. We also propose validation mechanisms to ensure the correctness of the extracted information and the coherence of the development process. We conducted a preliminary evaluation of our proposed approach on a small example sourced from the Linux Kernel, which shows promising results.