34 research outputs found
A goal-based modeling approach to develop security requirements of fault tolerant security-critical systems
Large amount of (security) faults existing in software systems could be complex and hard to identify during the fault analysis. So, it is not always possible to fully mitigate the internal or external security faults (vulnerabilities or threats) within the system. On the other hand, existence of faults in the system may eventually lead to a security failure. To avoid security failure of the target system we need to make it flexible and tolerant in the presence of security faults. This paper introduces a goal-based modeling approach to develop security requirements of security-critical systems (SCSs) by explicitly factoring the faults into the requirement engineering process. Our approach establishes a model for security requirements (SRM) with respect to the formally described model of security faults (SFM). We care for fault tolerance in SRM by taking into consideration partial satisfaction of security goals. The proposed approach factors this partiality into the goals by applying proper mitigation techniques during the refinement process. This eventually contributes to a fault tolerant model for security requirements of the target system
Dependency-Aware Software Requirements Selection using Fuzzy Graphs and Integer Programming
Software requirements selection aims to find an optimal subset of the
requirements with the highest value while respecting the project constraints.
But the value of a requirement may depend on the presence or absence of other
requirements in the optimal subset. Such Value Dependencies, however, are
imprecise and hard to capture. In this paper, we propose a method based on
integer programming and fuzzy graphs to account for value dependencies and
their imprecision in software requirements selection. The proposed method,
referred to as Dependency-Aware Software Requirements Selection (DARS), is
comprised of three components: (i) an automated technique for the
identification of value dependencies from user preferences, (ii) a modeling
technique based on fuzzy graphs that allows for capturing the imprecision of
value dependencies, and (iii) an Integer Linear Programming (ILP) model that
takes into account user preferences and value dependencies identified from
those preferences to reduce the risk of value loss in software projects. Our
work is verified by studying a real-world software project. The results show
that our proposed method reduces the value loss in software projects and is
scalable to large requirement sets.Comment: arXiv admin note: text overlap with arXiv:2003.0480
A fuzzy-based technique for describing security requirements of intrusion tolerant systems
To care for security in early stages of software development has always been a major engineering trend. However, due to the existence of unpreventable and accidental security faults within the system, it is not
always possible to entirely identify and mitigate the security threats. This may eventually lead to security failure of the target system. To avoid security failure, it is required to incorporate fault tolerance (i.e. intrusion tolerant) into the security requirements of the system. In this paper, we propose a new technique toward description of
security requirements of Intrusion Tolerant Systems (ITS) using fuzzy logic. We care for intrusion tolerance in security requirements of the system through considering partial satisfaction of security goals. This partiality is accepted and formally described through establishment of a Goal-Based Fuzzy Grammar (GFG) and its respective Goal
-Based Fuzzy Language (GFL) for describing Security Requirement Model (SRM) of the target ITS
S-Scrum: a secure methodology for agile development of web services
To care for security in early stages of software development has always been a major engineering trend. However, due to the existence of unpreventable and accidental security faults within the system, it is not always possible to entirely identify and mitigate the security threats. This may eventually lead to security failure of the target system. To avoid security failure, it is required to incorporate fault tolerance (i.e. intrusion tolerant) into the security requirements of the system. In this paper, we propose a new technique toward description of security requirements of Intrusion Tolerant Systems (ITS) using fuzzy logic. We care for intrusion tolerance in security requirements of the system through considering partial satisfaction of security goals. This partiality is accepted and formally described through establishment of a Goal-Based Fuzzy Grammar (GFG) and its respective Goal-Based Fuzzy Language (GFL) for describing Security Requirement Model (SRM) of the target ITS
A Study on the Prevalence of Human Values in Software Engineering Publications, 2015-2018
Failure to account for human values in software (e.g., equality and fairness)
can result in user dissatisfaction and negative socio-economic impact.
Engineering these values in software, however, requires technical and
methodological support throughout the development life cycle. This paper
investigates to what extent software engineering (SE) research has considered
human values. We investigate the prevalence of human values in recent (2015 -
2018) publications at some of the top-tier SE conferences and journals. We
classify SE publications, based on their relevance to different values, against
a widely used value structure adopted from social sciences. Our results show
that: (a) only a small proportion of the publications directly consider values,
classified as relevant publications; (b) for the majority of the values, very
few or no relevant publications were found; and (c) the prevalence of the
relevant publications was higher in SE conferences compared to SE journals.
This paper shares these and other insights that motivate research on human
values in software engineering
Engineering Blockchain Based Software Systems: Foundations, Survey, and Future Directions
Many scientific and practical areas have shown increasing interest in reaping
the benefits of blockchain technology to empower software systems. However, the
unique characteristics and requirements associated with Blockchain Based
Software (BBS) systems raise new challenges across the development lifecycle
that entail an extensive improvement of conventional software engineering. This
article presents a systematic literature review of the state-of-the-art in BBS
engineering research from a software engineering perspective. We characterize
BBS engineering from the theoretical foundations, processes, models, and roles
and discuss a rich repertoire of key development activities, principles,
challenges, and techniques. The focus and depth of this survey not only gives
software engineering practitioners and researchers a consolidated body of
knowledge about current BBS development but also underpins a starting point for
further research in this field
Investigating the Emotional Response to COVID-19 News on Twitter: A Topic Modeling and Emotion Classification Approach
Media has played an important role in public information on COVID-19. But distressing news, e.g., COVID-19 death tolls, may trigger negative emotions in public, discouraging them from following the news, which, in turn, can limit the effectiveness of the media. To understand people’s emotional response to the COVID-19 news, we have investigated the prevalence of basic human emotions in around 19 million user responses to 1.7 million COVID-19 news posts on Twitter from (English-speaking) media across 12 countries from January 2020 to April 2021. We have used Latent Dirichlet Allocation (LDA) to identify news themes on Twitter. Also, the Robustly Optimized BERT Pretraining Approach (RoBERTa) model was used to identify emotions in the tweets. Our analysis of the Twitter data revealed that anger was the most prevalent emotion in user responses to the news coverage of COVID-19. That was followed by sadness, optimism, and joy, steadily over the period of the study. The prevalence of anger (in user responses) was higher for the news about authorities and politics while optimism and joy were more prevalent for the news about vaccination and educational impacts of COVID-19 respectively. The prevalence of sadness in user responses, however, was the highest for the news about COVID-19 cases and deaths and the impacts on the families, mental health, jails, and nursing homes. We also observed a higher level of anger in the user responses to the (COVID-19) news posted by the USA media accounts (e.g., CNN Politics, Fox News, MSNBC). Optimism, on the other hand, was found to be the highest for Filipino media accounts