468 research outputs found
Risk and Business Goal Based Security Requirement and Countermeasure Prioritization
Companies are under pressure to be in control of their assets but at the same time they must operate as efficiently as possible. This means that they aim to implement “good-enough security” but need to be able to justify their security investment plans. Currently companies achieve this by means of checklist-based security assessments, but these methods are a way to achieve consensus without being able to provide justifications of countermeasures in terms of business goals. But such justifications are needed to operate securely and effectively in networked businesses. In this paper, we first compare a Risk-Based Requirements Prioritization method (RiskREP) with some requirements engineering and risk assessment methods based on their requirements elicitation and prioritization properties. RiskREP extends misuse case-based requirements engineering methods with IT architecture-based risk assessment and countermeasure definition and prioritization. Then, we present how RiskREP prioritizes countermeasures by linking business goals to countermeasure specification. Prioritizing countermeasures based on business goals is especially important to provide the stakeholders with structured arguments for choosing a set of countermeasures to implement. We illustrate RiskREP and how it prioritizes the countermeasures it elicits by an application to an action case
Evaluation of Agents Interactions in a Context-Aware System
The evaluation of Multi-Agent Systems (MAS) is a complex problem and it does not have a single form. Much effort has been spent on suggesting and implementing new architectures of MAS. Often these new architectures are not even compared to any other existing architectures in order to evaluate their relative benefits. The present work focuses on interactions, the most important characteristic of any complex software as autonomous agents according to [25], as a problematic of evaluation. So, in this paper, we describe the assignment of evaluation values to Agents interaction in a specific MAS architecture. This evaluation is based on the weight of the messages brought by an interaction.Funded by projects CICYT TIN2008-06742-C02-02/TSI,CICYT TEC2008-06732-C02-02/TEC, SINPROB, CAM MADRINET S-0505/TIC/0255, and DPS2008-07029-C02-02.Publicad
Stretching the Comfort Zone: Using Early Clinical Contact to Influence Professional Identity Formation in Medical Students
Purpose: To explore first-year medical students’ affective reactions to intimate encounters with severely sick patients in their homes, within a curricular innovation targeting the development of a patient-centered professional identity. Background: Early patient encounters create complex emotional challenges and constitute fertile ground for professional identity formation. The literature indicates that students often learn, largely through the hidden curriculum, to avoid and suppress emotion. This can culminate in mental health problems and loss of empathy. Method: A qualitative descriptive analysis of 28 randomly selected, mandatory, reflective essays focused on a home visit to a previously unknown patient, in an unsupervised group of 4 students, within the context of a structured course called Patient Contact—PASKON. Results: Students described a wide range of affect-laden responses, positive and negative, elicited by the home visits. The observations were typically related to loss of control, struggles to behave “professionally,” and the unmasking of stereotypes and prejudices. Conclusions: Medical students’ initial clinical encounters elicit emotional responses that have the potential to serve as triggers for the development of emotional maturity, relational skills, and patient-centered attitudes. Conversely, they can foreground uncertainty and lead to defensive distancing from patients’ existential concerns. The findings point to a role for structured educational strategies and supervision to assist students in the emotion work necessary in the transition from a “lay” to a “medical” identity.publishedVersio
Investigating Differences between Graphical and Textual Declarative Process Models
Declarative approaches to business process modeling are regarded as well
suited for highly volatile environments, as they enable a high degree of
flexibility. However, problems in understanding declarative process models
often impede their adoption. Particularly, a study revealed that aspects that
are present in both imperative and declarative process modeling languages at a
graphical level-while having different semantics-cause considerable troubles.
In this work we investigate whether a notation that does not contain graphical
lookalikes, i.e., a textual notation, can help to avoid this problem. Even
though a textual representation does not suffer from lookalikes, in our
empirical study it performed worse in terms of error rate, duration and mental
effort, as the textual representation forces the reader to mentally merge the
textual information. Likewise, subjects themselves expressed that the graphical
representation is easier to understand
A Goal-based Framework for Contextual Requirements Modeling and Analysis
Requirements Engineering (RE) research often ignores, or presumes a uniform nature of the context in which the system operates. This assumption is no longer valid in emerging computing paradigms, such as ambient, pervasive and ubiquitous computing, where it is essential to monitor and adapt to an inherently varying context. Besides influencing the software, context may influence stakeholders' goals and their choices to meet them. In this paper, we propose a goal-oriented RE modeling and reasoning framework for systems operating in varying contexts. We introduce contextual goal models to relate goals and contexts; context analysis to refine contexts and identify ways to verify them; reasoning techniques to derive requirements reflecting the context and users priorities at runtime; and finally, design time reasoning techniques to derive requirements for a system to be developed at minimum cost and valid in all considered contexts. We illustrate and evaluate our approach through a case study about a museum-guide mobile information system
Engaging End-Users in the Collaborative Development of Domain-Speci c Modelling Languages
International audienceDomain-Speci c Modelling Languages (DSMLs) are high-level languages specially designed to perform tasks in a particular domain. When developing DSMLs, the participation of end-users is normally limited to providing domain knowledge and testing the resulting language prototypes. Language developers, which are perhaps not domain experts, are therefore in control of the language development and evolution. This may cause misinterpretations which hamper the development process and the quality of the DSML. Thus, it would be bene cial to promote a more active participation of end-users in the development process of DSMLs. While current DSML workbenches are mono-user and designed for technical experts, we present a process and tool support for the example-driven, collaborative construction of DSMLs in order to engage end-users in the creation of their own languages
The conceptual schema of Ethereum
There is an abundant literature on Ethereum, but as far as we
know what is missing is its explicit conceptual schema. We present here the
conceptual schema of Ethereum in UML. The schema should be useful to those
that want to understand Ethereum. We also show that the schema is necessary
for developing the schema of Ethereum–based DApps. We present a few
population constraints, and show that they suffice for the specification at the
conceptual level of what is understood by immutability of a blockchain. We
also show that the well–known reification construct and an initial constraint
suffice to specify at the conceptual level that the Ethereum blockchain stores
the full state history.Peer ReviewedPreprin
The dynamics of proving uncolourability of large random graphs I. Symmetric Colouring Heuristic
We study the dynamics of a backtracking procedure capable of proving
uncolourability of graphs, and calculate its average running time T for sparse
random graphs, as a function of the average degree c and the number of vertices
N. The analysis is carried out by mapping the history of the search process
onto an out-of-equilibrium (multi-dimensional) surface growth problem. The
growth exponent of the average running time is quantitatively predicted, in
agreement with simulations.Comment: 5 figure
The Utility of the Abstract Relational Model and Attribute Paths in SQL
It is well-known that querying information is difficult for domain experts, for they are not familiar with querying actual relational schemata due to the notions of primary and foreign keys and the various ways of representing and storing information in a relational database. To overcome these problems, the Abstract Relational Model and the query language, SQLP, have been proposed. They are the theoretical foundations and ensure that explicit primary and foreign keys are hidden from the user's view and that queries can be expressed more compactly. In this paper we evaluate these theoretical advantages with user studies that compare SQLP to plain SQL as the baseline. The experiments show significant statistical evidence that SQLP indeed requires less time for understanding and authoring queries, with no loss in accuracy. Considering the positive results, we develop a method to reverse engineer legacy relational schemata into abstract relational ones
- …