Modeling the role variability in the MAP process model

International audienceBusiness process modeling is a valuable technique helping organizations to specify their processes, to analyze their structure and to improve their performance. Conventional process modeling techniques are proven to be inefficient while dealing with non-repetitive, knowledge-intensive processes such as Case Management processes. In this work we use the MAP notation to model a Mortgage Approval Process as defined in Banking. To increase the navigability and practical value of map models, we extend the MAP notation with the concepts of Roles, Relations between roles, and Role Configuration Rules

A User Centric View of Lyee Requirements

National audienceThe paper deals with the modelling of Lyee user requirements and guidelines to support their capture. The Sorbonne contribution to the Lyee collaborative project aims to reduce the software development cycle to two explicit steps, requirements engineering and code generation by coupling the code generation features of LyeeALL with an interface to capture user requirements. The paper presents a 2-layer meta-model relating the set of concepts to capture user requirements to the set of concepts for the formulation of software requirements that are the input of the LyeeALL generation mechanism. It exemplifies the concepts with example and introduces the guidance support for capturing these user centric requirements

A goal-based round-trip method for system development

In most cases information system development can be seen as an exercise of business process reengineering, either because it automates some human-based processes or because a legacy system is going to be replaced. From this point of view, we can say that the specification of the system-to-be goes from the observation and analysis of the current system to the specification of the system-to-be, going through the construction and evaluation of alternatives. Goal-oriented models are a valuable formalism to support the strategic analysis of the current process. In this paper, we propose a method supporting that round-trip engineering process, focusing in the prescriptive construction of strategic i* models and the systematic generation of alternatives. Several requirements engineering techniques are used in order to model the existing process, which allow a reliable generation and evaluation of alternatives as well as the reuse of strategic knowledge for information system development.Peer ReviewedPostprint (author's final draft

A Health-care Application of Goal-driven Software Design

In this paper we focus on goal engineering by addressing issues such as goal elicitation, specification, structuring and operationalisation. Specification of business goals is regarded as a means to raise the level of abstraction (and automation) at which business logic is incorporated in model driven software design in the context of service oriented architectures. More specifically, the proposed goal modelling approach consists of an abstract syntax (metamodel) and a concrete syntax (graphical notation) for the specification of business goals. We also proposed a framework for the goal-driven design of service-oriented software applications. In particular, we illustrate our approach by means of a case study carried out in the healthcare sector and we explain the role business goals (operationalised in the form of business rules) can play in software design. This research also outlines a number of areas that have significant research potential

Using Security Attack Scenarios to Analyse Security During Information Systems Design

It has been widely argued in the literature that security concerns should be integrated with software engineering practices. However, only recently work has been initiated towards this direction. Most of this work, however, only considers how security can be analysed during the development lifecycles and not how the security of an information system can be tested during the analysis and design stages. In this paper we present results from the development of a technique, which is based on the use of scenarios, to test the reaction of an information system against potential security attacks

Security Attack Testing (SAT)—testing the security of information systems at design time

For the last few years a considerable number of efforts have been devoted into integrating security issues into information systems development practices. This has led to a number of languages, methods, methodologies and techniques for considering security issues during the developmental stages of an information system. However, these approaches mainly focus on security requirements elicitation, analysis and design issues and neglect testing. This paper presents the Security Attack Testing (SAT) approach, a novel scenario-based approach that tests the security of an information system at the design time. The approach is illustrated with the aid of a real-life case study involving the development of a health and social care information system