Rigorous Specification of Use Cases with the RSL Language

RSL language supports the specification of requirements in a systematic, rigorous and consistent way. RSL includes a large set of constructs to produce requirements specifications at different level of abstraction, different writing styles and different types of requirements (e.g., goals, functional requirements, quality requirements, constraints, user stories, and use cases) and tests. This paper focuses only on the RSL views related with use cases, including those constructs directly relevant to the specification of data-intensive information systems, namely: actors, use cases, data entities, state machines, and their respective relationships. The explanation and discussion is held by an illustrative example that shows how to produce such specifications. RSL offers an innovative approach that improves the way requirements specifications are defined and validated. In spite of other proposals, RSL is the first that integrates a large number of inter-related constructs that can be represented in a consistent and systematic way

Modular Composition of Language Features through Extensions of Semantic Language Models

Today, programming or specification languages are often extended in order to customize them for a particular application domain or to refine the language definition. The extension of a semantic model is often at the centre of such an extension. We will present a framework for linking basic and extended models. The example which we are going to use is the RSL concurrency model. The RAISE specification language RSL is a formal wide-spectrum specification language which integrates different features, such as state-basedness, concurrency and modules. The concurrency features of RSL are based on a refinement of a classical denotational model for process algebras. A modification was necessary to integrate state-based features into the basic model in order to meet requirements in the design of RSL. We will investigate this integration, formalising the relationship between the basic model and the adapted version in a rigorous way. The result will be a modular composition of the basic process model and new language features, such as state-based features or input/output. We will show general mechanisms for integration of new features into a language by extending language models in a structured, modular way. In particular, we will concentrate on the preservation of properties of the basic model in these extensions

Towards a Catalogue of Reusable Security Requirements, Vulnerabilities and Threats

Organizations are giving more importance to secure their systems due to the increasing number of cyber-attacks and inherent complexity. The aim of our work is help organizations plan and consider these security concerns from the very beginning, since the requirements and design phases, and not just later in the implementation or deployment phases. Consider security-by-design and security-by-default principles are good approaches to avoid rework costs or to mitigate security flaws. However, there is not yet a suitable approach to specify security requirements in a rigorous and systematic way. In this paper we propose an approach that allows the definition and specification of security-specific concerns like security requirements but also vulnerabilities, risks or threats. We discuss this approach based on two key parts: First, we introduce the RSLingo RSL language, that is a rigorous requirements specification language, and discuss how it is extended to support such security-specific concepts. Second, we claim the relevance for a catalogue of reusable security-specific specifications and then we show concrete examples of defining and using such specifications. The proposed catalogue can be easily used and extended by the community and involves currently 52 goals, 12 vulnerabilities and 31 risks; these concerns are defined into 9 packages each one representing a distinct asset

Using business process reengineering to obtain a RAISE specification

We have proposed a technique which can be employed within the methodology known as business process reengineering. This technique has been applied in a government project, which included an Information System and Geographical Information System, developed with financial support from The World Bank. One model used in process reengineering is the process model diagram, which helps to find the tasks, to be completed in each area of the organisation. To understand the domain is crucial to be able to specify each one of these tasks. We show in this work how to use process modelling to find the tasks and to formalise their description using RAISE formal method. In this way, using a model of process as input, an engineer employs a systematic technique to create-as a starting point-the main functions (tasks) of the domain using the RAISE formal method. Furthermore, we show how a structured architecture in layers can be used for reuse during the development in the large.Facultad de Informátic

Formal foundations for the unified modeling language

We present in this work an outline of an ongoing research line in the framework of the Software Engineering Group (SEG) at the National University of San Luis. We describe here the previous work carried out by the group in formalizing UML using RSL, as well as the current and future work in the matter.Eje: Ingeniería de SoftwareRed de Universidades con Carreras en Informática (RedUNCI

The Logic of the RAISE Specification Language

This paper describes the logic of the RAISE Specification Language, RSL. It explains the particular logic chosen for RAISE, and motivates this choice as suitable for a wide spectrum language to be used for designs as well as initial specifications, and supporting imperative and concurrent specifications as well as applicative sequential ones. It also describes the logical definition of RSL, its axiomatic semantics, as well as the proof system for carrying out proofs

A Derivation Strategy for Formal Specifications from Natural Language Requirements Models

Formal methods have come into use for the construction of real systems, as they help increase software quality and reliability. However, they are usually accessible only to specialists, thus discouraging stakeholders' participation, crucial in first steps of software development. To address this problem, we present in this paper a strategy to derive an initial formal specification, written in the RAISE Specification Language, from requirements models based on natural language, such as the Language Extended Lexicon, the Scenario Model, and the Business Rules Model, which are closer to the stakeholders' language. We provide a set of heuristics which show how to derive types and functions, and how to structure them in a layered architecture, thus contributing to fruitfully use the large amount of information usually available after requirements modelling stage. In addition, we illustrate the strategy with a concrete case study

Temporal validation of extended workflow processes by means Petri Nets with Clocks

At present the business processes have temporary requirements within their specifications. Logistics, e-commerce, are examples of these, among others. The time involved in business processes is important regarding the interaction of the actors. The sound of the technology involved in building these processes plays a key role in assessing the risk of implementation. The possibility of having technologies with elements for such specifications is vital to accurately model of reality. Workflow (Wf) is the technology of wide acceptance and recognition that can improve business processes. The Wf architecture has the Interface 1, which lets you define process through its processes definition language (PDL), but has no elements to express temporary restrictions of this kind. Our works present a theoretical framework in which there is an extension of the grammar of the WPDL to allow the specification of time variable. It also establishes a correspondence between the PD and its underlying Petri Net with Clocks (PNwC) preserving its semantic. The correspondence is specified by means of the RAISE Specification Language (RSL). The correlation between these formalisms lets you define business process with temporary restrictions validated.Workshop de Ingeniería de Software y Bases de Datos (WISBD)Red de Universidades con Carreras en Informática (RedUNCI