The evolution of tropos: Contexts, commitments and adaptivity

Software evolution is the main research focus of the Tropos group at University of Trento (UniTN): how do we build systems that are aware of their requirements, and are able to dynamically reconfigure themselves in response to changes in context (the environment within which they operate) and requirements. The purpose of this report is to offer an overview of ongoing work at UniTN. In particular, the report presents ideas and results of four lines of research: contextual requirements modeling and reasoning, commitments and goal models, developing self-reconfigurable systems, and requirements awareness

Niche Modeling: Ecological Metaphors for Sustainable Software in Science

This position paper is aimed at providing some history and provocations for the use of an ecological metaphor to describe software development environments. We do not claim that the ecological metaphor is the best or only way of looking at software - rather we want to ask if it can indeed be a productive and thought provoking one.Comment: Position paper submitted to: Workshop on Sustainable Software for Science: Practice and Experiences (WSSSPE) SC13, Sunday, 17 November 2013, Denver, CO, US

An analytic framework to assess organizational resilience

Background: Resilience Engineering is a paradigm for safety management that focuses on coping with complexity to achieve success, even considering several conflicting goals. Modern socio-technical systems have to be resilient to comply with the variability of everyday activities, the tight-coupled and underspecified nature of work and the nonlinear interactions among agents. At organizational level, resilience can be described as a combination of four cornerstones: monitoring, responding, learning and anticipating. Methods: Starting from these four categories, this paper aims at defining a semi-quantitative analytic framework to measure organizational resilience in complex socio-technical systems, combining the Resilience Analysis Grid (RAG) and the Analytic Hierarchy Process (AHP). Results: This paper presents an approach for defining resilience abilities of an organization, creating a structured domain-dependent framework to define a resilience profile at different levels of abstraction, to identify weaknesses and strengths of the system and thus potential actions to increase system’s adaptive capacity. An illustrative example in an anaesthesia department clarifies the outcomes of the approach. Conclusions: The outcome of the RAG, i.e. a weighted set of probing questions, can be used in different domains, as a support tool in a wider Safety-II oriented managerial action to bring safety management into the core business of the organization

Usable Security: Why Do We Need It? How Do We Get It?

Security experts frequently refer to people as “the weakest link in the chain” of system security. Famed hacker Kevin Mitnick revealed that he hardly ever cracked a password, because it “was easier to dupe people into revealing it” by employing a range of social engineering techniques. Often, such failures are attributed to users’ carelessness and ignorance. However, more enlightened researchers have pointed out that current security tools are simply too complex for many users, and they have made efforts to improve user interfaces to security tools. In this chapter, we aim to broaden the current perspective, focusing on the usability of security tools (or products) and the process of designing secure systems for the real-world context (the panorama) in which they have to operate. Here we demonstrate how current human factors knowledge and user-centered design principles can help security designers produce security solutions that are effective in practice

Modelling Sociotechnical Change in IS with a Quantitative Longitudinal Approach: The PPR Method.

The following article suggests a critical realistic framework, which aims at modeling sociotechnical change linked to end-users' IT appropriation: the "archetypal approach". The basic situations it includes (the "sociotechnical archetypes"), and the possible appropriative trajectories that combine them, together with three propositions linked to the model, are developed. They are illustrated by means of a case study describing the implementation of an e-learning system within a French university. The paper then presents an instrumentation of the theoretical framework, based on a quantitative longitudinal approach: the Process Patterns Recognition (PPR) method. This one draws mainly on Doty, Glick and Huber (1993, 1994) who propose to evaluate the distance between organizational archetypes and empirical configurations by means of Euclidean distance calculus. The adaptation consists in evaluating the distance between appropriative trajectories (embodied by series of theoretically specified vectors) and empirical processes linked to the implementation of computerized tools in organizations. The PPR method is then applied to the same organizational setting as the one related to the case study. It validates the relevance of this type of a research strategy, which makes it possible to model sociotechnical dynamics related to end-users' IT appropriations.Technology-organization interaction; sociotechnical process modelling; Process Patterns Recognition; critical realism; Structuration; methodology of research; longitudinal methods; e-learning;

Modeling forward base camps as complex adaptive sociotechnical systems

Work for this thesis focuses on managing complexity within complex adaptive sociotechnical systems by using model based systems engineering and virtual engineering tools. The hypothesis of the work is that integrated virtual models can be used to increase the understanding of these complex adaptive sociotechnical systems, resulting in a reduction in the perceived complexity. This was tested by the use of a two factor survey given to experts of a system (the customer and members of the model design team) and to a target user-group. This group received a demonstration and had hands on experience with a preliminary model of the same system. Results of the survey show that new system designers using an integrated virtual modeling tool view the system as less complex than experts involved with designing the same system without using a tool. Further data is required to support this conclusion, and a plan for gathering more data is described. The application of this method to an emergency response system is then discussed to show how it can be applied to other complex sociotechnical systems and guidelines for applying this methodology are proposed

WESTT (Workload, Error, Situational Awareness, Time and Teamwork): An analytical prototyping system for command and control

Modern developments in the use of information technology within command and control allow unprecedented scope for flexibility in the way teams deal with tasks. These developments, together with the increased recognition of the importance of knowledge management within teams present difficulties for the analyst in terms of evaluating the impacts of changes to task composition or team membership. In this paper an approach to this problem is presented that represents team behaviour in terms of three linked networks (representing task, social network structure and knowledge) within the integrative WESTT software tool. In addition, by automating analyses of workload and error based on the same data that generate the networks, WESTT allows the user to engage in the process of rapid and iterative “analytical prototyping”. For purposes of illustration an example of the use of this technique with regard to a simple tactical vignette is presented