Process and tool support for design patterns with safety requirements

The requirement for higher Security and Dependability (S&D) of systems is continuously increasing, even in domains tradi-tionally not deeply involved in such issues. Nowadays, many practitioners express their worries about current S&D software engineering practices. New recommendations should be considered to ground this discipline on two pillars: solid theory and proven principles. We took the second pillar towards software engineering for embedded system applications, focusing on the problem of integrating S&D by design to foster reuse. In this paper, we propose to combine design patterns and Model Driven Engineering (MDE) techniques for building component-based applications with safety requirements. The resulting modeling framework serves primarily to capture the basic concepts for specifying safety-oriented design patterns, building an S&D pattern system, and maintain safety properties, with existing modeling artifacts, during the engineering process based on the S&D pattern system. As a proof of concept, we are evaluating the feasibility of the framework through the example of the MooN pattern system for building systems having safety requirements: Communication Based Train Control (CBTC)

Early aspects: aspect-oriented requirements engineering and architecture design

This paper reports on the third Early Aspects: Aspect-Oriented Requirements Engineering and Architecture Design Workshop, which has been held in Lancaster, UK, on March 21, 2004. The workshop included a presentation session and working sessions in which the particular topics on early aspects were discussed. The primary goal of the workshop was to focus on challenges to defining methodical software development processes for aspects from early on in the software life cycle and explore the potential of proposed methods and techniques to scale up to industrial applications

A taxonomy of asymmetric requirements aspects

The early aspects community has received increasing attention among researchers and practitioners, and has grown a set of meaningful terminology and concepts in recent years, including the notion of requirements aspects. Aspects at the requirements level present stakeholder concerns that crosscut the problem domain, with the potential for a broad impact on questions of scoping, prioritization, and architectural design. Although many existing requirements engineering approaches advocate and advertise an integral support of early aspects analysis, one challenge is that the notion of a requirements aspect is not yet well established to efficaciously serve the community. Instead of defining the term once and for all in a normally arduous and unproductive conceptual unification stage, we present a preliminary taxonomy based on the literature survey to show the different features of an asymmetric requirements aspect. Existing approaches that handle requirements aspects are compared and classified according to the proposed taxonomy. In addition,we study crosscutting security requirements to exemplify the taxonomy's use, substantiate its value, and explore its future directions

Quality-aware model-driven service engineering

Service engineering and service-oriented architecture as an integration and platform technology is a recent approach to software systems integration. Quality aspects ranging from interoperability to maintainability to performance are of central importance for the integration of heterogeneous, distributed service-based systems. Architecture models can substantially influence quality attributes of the implemented software systems. Besides the benefits of explicit architectures on maintainability and reuse, architectural constraints such as styles, reference architectures and architectural patterns can influence observable software properties such as performance. Empirical performance evaluation is a process of measuring and evaluating the performance of implemented software. We present an approach for addressing the quality of services and service-based systems at the model-level in the context of model-driven service engineering. The focus on architecture-level models is a consequence of the black-box character of services

Combined automotive safety and security pattern engineering approach

Automotive systems will exhibit increased levels of automation as well as ever tighter integration with other vehicles, traffic infrastructure, and cloud services. From safety perspective, this can be perceived as boon or bane - it greatly increases complexity and uncertainty, but at the same time opens up new opportunities for realizing innovative safety functions. Moreover, cybersecurity becomes important as additional concern because attacks are now much more likely and severe. However, there is a lack of experience with security concerns in context of safety engineering in general and in automotive safety departments in particular. To address this problem, we propose a systematic pattern-based approach that interlinks safety and security patterns and provides guidance with respect to selection and combination of both types of patterns in context of system engineering. A combined safety and security pattern engineering workflow is proposed to provide systematic guidance to support non-expert engineers based on best practices. The application of the approach is shown and demonstrated by an automotive case study and different use case scenarios.EC/H2020/692474/EU/Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems/AMASSEC/H2020/737422/EU/Secure COnnected Trustable Things/SCOTTEC/H2020/732242/EU/Dependability Engineering Innovation for CPS - DEIS/DEISBMBF, 01IS16043, Collaborative Embedded Systems (CrESt

Patterns of information security postures for socio-technical systems and systems-of-systems

This paper describes a proposal to develop patterns of security postures for computer based socio-technical systems and systems-of-systems. Such systems typically span many organisational boundaries, integrating multiple computer systems, infrastructures and organisational processes. The paper describes the motivation for the proposed work, and our approach to the development, specification, integration and validation of security patterns for socio-technical and system-of-system scale systems

Modelling Requirements for Content Recommendation Systems

This paper addresses the modelling of requirements for a content Recommendation System (RS) for Online Social Networks (OSNs). On OSNs, a user switches roles constantly between content generator and content receiver. The goals and softgoals are different when the user is generating a post, as opposed as replying to a post. In other words, the user is generating instances of different entities, depending on the role she has: a generator generates instances of a "post", while the receiver generates instances of a "reply". Therefore, we believe that when addressing Requirements Engineering (RE) for RS, it is necessary to distinguish these roles clearly. We aim to model an essential dynamic on OSN, namely that when a user creates (posts) content, other users can ignore that content, or themselves start generating new content in reply, or react to the initial posting. This dynamic is key to designing OSNs, because it influences how active users are, and how attractive the OSN is for existing, and to new users. We apply a well-known Goal Oriented RE (GORE) technique, namely i-star, and show that this language fails to capture this dynamic, and thus cannot be used alone to model the problem domain. Hence, in order to represent this dynamic, its relationships to other OSNs' requirements, and to capture all relevant information, we suggest using another modelling language, namely Petri Nets, on top of i-star for the modelling of the problem domain. We use Petri Nets because it is a tool that is used to simulate the dynamic and concurrent activities of a system and can be used by both practitioners and theoreticians.Comment: 28 pages, 7 figure

Quality measures for ETL processes: from goals to implementation

Extraction transformation loading (ETL) processes play an increasingly important role for the support of modern business operations. These business processes are centred around artifacts with high variability and diverse lifecycles, which correspond to key business entities. The apparent complexity of these activities has been examined through the prism of business process management, mainly focusing on functional requirements and performance optimization. However, the quality dimension has not yet been thoroughly investigated, and there is a need for a more human-centric approach to bring them closer to business-users requirements. In this paper, we take a first step towards this direction by defining a sound model for ETL process quality characteristics and quantitative measures for each characteristic, based on existing literature. Our model shows dependencies among quality characteristics and can provide the basis for subsequent analysis using goal modeling techniques. We showcase the use of goal modeling for ETL process design through a use case, where we employ the use of a goal model that includes quantitative components (i.e., indicators) for evaluation and analysis of alternative design decisions.Peer ReviewedPostprint (author's final draft