Requirements-Driven Adaptation of Choreographed Interactions

Electronic services are emerging as the de-facto enabler of interaction interoperability across organization boundaries. Cross-organizational interactions are often “choreographed”, i.e. specified by a messaging protocol from a global point of view independent of the local view of each interacting organization. Local requirements motivating an interaction as well as the global contextual requirements governing the interaction inevitably evolve over time, requiring adaptation of the corresponding interaction protocol. Adaptation of an interaction protocol must ensure the satisfaction of both sets of interaction requirements while maintaining consistency between the global view and the local views of an interaction specification. Such adaptation is not possible with the current state-of-the-art representations of choreographed interactions, as they capture only operational messaging specifications detached from both local organizational requirements as well as global contextual requirements. This thesis presents three novel contributions that tackle adaptation of choreographed interaction protocols: an automated technique for deriving an interaction protocol from requirements, a formalization of consistency between local and global views, and a framework for guiding the adaptation of a choreographed interaction. A choreographed interaction is specified using models of organizational requirements motivating the interaction. We employ the formal semantics embedded in requirements models to automatically derive an interaction protocol. We propose a framework for relating the global and local views of interaction specification and maintaining consistency between them. We develop a metamodel for interaction specification, from which we enumerate adaptation operations. We build a catalogue that provides guidance on performing each operation and propagating changes between the global and local views. These contributions are evaluated using examples from the literature as well as a real-world case study

Ontology-based methodology for error detection in software design

Improving the quality of a software design with the goal of producing a high quality software product continues to grow in importance due to the costs that result from poorly designed software. It is commonly accepted that multiple design views are required in order to clearly specify the required functionality of software. There is universal agreement as to the importance of identifying inconsistencies early in the software design process, but the challenge is how to reconcile the representations of the diverse views to ensure consistency. To address the problem of inconsistencies that occur across multiple design views, this research introduces the Methodology for Objects to Agents (MOA). MOA utilizes a new ontology, the Ontology for Software Specification and Design (OSSD), as a common information model to integrate specification knowledge and design knowledge in order to facilitate the interoperability of formal requirements modeling tools and design tools, with the end goal of detecting inconsistency errors in a design. The methodology, which transforms designs represented using the Unified Modeling Language (UML) into representations written in formal agent-oriented modeling languages, integrates object-oriented concepts and agent-oriented concepts in order to take advantage of the benefits that both approaches can provide. The OSSD model is a hierarchical decomposition of software development concepts, including ontological constructs of objects, attributes, behavior, relations, states, transitions, goals, constraints, and plans. The methodology includes a consistency checking process that defines a consistency framework and an Inter-View Inconsistency Detection technique. MOA enhances software design quality by integrating multiple software design views, integrating object-oriented and agent-oriented concepts, and defining an error detection method that associates rules with ontological properties

A Method of Functional Alignment Verification in Hierarchical Enterprise Models

Enterprise modeling involves multiple domains of expertise: requirements engineering, business process modeling, IT development etc. Our experience has shown that hierarchical enterprise models, made of an assembly of system models, are effective. In these models, two hierarchies exist: an organizational level hierarchy (describing systems' construction) and a functional level hierarchy (describing systems' functionality). Using a uniform hierarchical modeling language, system models at different hierarchical levels can be aligned in the context of the enterprise model. Using an operational semantics, each system model can be translated into executable code for model simulation and testing. The possibility to simulate and test models leads to the alignment verification for all system models across both hierarchies. In this paper we propose a method and tool for functional alignment verification. We use the Abstract State Machine (ASM) and the ASM language (AsmL) to formalize our graphical models for simulation and testing. We illustrate this approach with an example

Quality of process modeling using BPMN: a model-driven approach

Dissertação para obtenção do Grau de Doutor em Engenharia InformáticaContext: The BPMN 2.0 specification contains the rules regarding the correct usage of the language’s constructs. Practitioners have also proposed best-practices for producing better BPMN models. However, those rules are expressed in natural language, yielding sometimes ambiguous interpretation, and therefore, flaws in produced BPMN models. Objective: Ensuring the correctness of BPMN models is critical for the automation of processes. Hence, errors in the BPMN models specification should be detected and corrected at design time, since faults detected at latter stages of processes’ development can be more costly and hard to correct. So, we need to assess the quality of BPMN models in a rigorous and systematic way. Method: We follow a model-driven approach for formalization and empirical validation of BPMN well-formedness rules and BPMN measures for enhancing the quality of BPMN models. Results: The rule mining of BPMN specification, as well as recently published BPMN works, allowed the gathering of more than a hundred of BPMN well-formedness and best-practices rules. Furthermore, we derived a set of BPMN measures aiming to provide information to process modelers regarding the correctness of BPMN models. Both BPMN rules, as well as BPMN measures were empirically validated through samples of BPMN models. Limitations: This work does not cover control-flow formal properties in BPMN models, since they were extensively discussed in other process modeling research works. Conclusion: We intend to contribute for improving BPMN modeling tools, through the formalization of well-formedness rules and BPMN measures to be incorporated in those tools, in order to enhance the quality of process modeling outcomes

A service-oriented approach for the i* framework

Nuevas áreas de aplicación como comercio electrónico, aplicaciones para provisión de servicios y computación P2P (peer-to-peer) requieren de sistemas de software complejos que puedan soportar procesos de negocio en línea . Actualmente, los ingenieros de software han descubierto la efectividad de usar técnicas de modelado organizacional para guiar el proceso de producción de este tipo de sistemas complejos. En este contexto, el framework i* es una de las técnicas de modelado organizacional mejor fundamentadas hoy en día. i* se enfoca en dos aspectos principales: a) la representación de las relaciones sociales e intencionales que existen entre la red de actores de un negocio. b) la representación del comportamiento interno requerido para satisfacer las dependencias entre actores. El framework i* permite describir una organización como una red de actores que tienen libertad de acción, pero que dependen de otros actores para lograr sus metas y objetivos. Sin embargo, a pesar de las bien conocidas ventajas de i*, existen ciertos problemas que necesitan ser resueltos para asegurar su efectividad en ambientes reales de desarrollo. En este sentido, el framework necesita ser evaluado en la práctica con el objetivo de identificar sus fortalezas y debilidades en casos de estudio reales. Uno de los objetivos de esta tesis fue realizar una evaluación empírica que nos permitiera identificar y analizar los problemas prácticos de i*. Se presentan las lecciones aprendidas en términos de fortalezas y de puntos débiles que necesitan ser resueltos. Además, la tesis presenta soluciones a los puntos débiles que fueron detectados en la evaluación empírica. Consideramos que la orientación a servicios es un paradigma muy prometedor para enfrentar la complejidad del modelado de sistemas de tecnologías de información actuales. En este sentido, el principal objetivo de esta tesis fue definir una arquitectura orientada a servicios que nos permitiera resolver los problemas de complejidad de i*.Estrada Esquivel, H. (2008). A service-oriented approach for the i* framework [Tesis doctoral no publicada]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/3305Palanci

Security Risk Assessments: Modeling and Risk Level Propagation

Security risk assessment is an important task in systems engineering. It is used to derive security requirements for a secure system design and to evaluate design alternatives as well as vulnerabilities. Security risk assessment is also a complex and interdisciplinary task, where experts from the application domain and the security domain have to collaborate and understand each other. Automated and tool-supported approaches are desired to help manage the complexity. However, the models used for system engineering usually focus on functional behavior and lack security-related aspects. Therefore, we present our modeling approach that alleviates communication between the involved experts and features steps of computer-aided modeling to achieve consistency and avoid omission errors. We demonstrate our approach with an example. We also describe how to model impact rating and attack feasibility estimation in a modular fashion, along with the propagation and aggregation of these estimations through the model. As a result, experts can make local decisions or changes in the model, which in turn provides the impact of these decisions or changes on the overall risk profile. Finally, we discuss the advantages of our model-based method

Early aspects: aspect-oriented requirements engineering and architecture design

This paper reports on the third Early Aspects: Aspect-Oriented Requirements Engineering and Architecture Design Workshop, which has been held in Lancaster, UK, on March 21, 2004. The workshop included a presentation session and working sessions in which the particular topics on early aspects were discussed. The primary goal of the workshop was to focus on challenges to defining methodical software development processes for aspects from early on in the software life cycle and explore the potential of proposed methods and techniques to scale up to industrial applications