Assessing requirements-related risks through probabilistic goals and obstacles

  • RE 2012
Requirements Engineering

Abstract

Requirements completeness is among the most critical and difficult software engineering challenges. Missing requirements often result from poor risk analysis at requirements engineering time. Obstacle analysis is a goal-oriented form of risk analysis aimed at anticipating exceptional conditions in which the software should behave adequately. In the identify-assess-control cycles of such analysis, the assessment step is not well supported by existing techniques. This step is concerned with evaluating how likely the obstacles to goals are and how likely and severe their consequences are. Those key factors drive the selection of the most appropriate countermeasures to be integrated in the system goal model for increased completeness. Moreover, obstacles to probabilistic goals are currently not supported; such goals prescribe that some corresponding target property should be satisfied in at least X % of the cases. The paper presents a probabilistic framework for goal specification and obstacle assessment. The specification language for goals and obstacles is extended with a probabilistic layer where probabilities have a precise semantics grounded on system-specific phenomena. The probability of a root obstacle to a goal is thereby computed by up-propagation of probabilities of finer-grained obstacles through the obstacle refinement tree. The probability and severity of obstacle consequences are in turn computed by up-propagation from the obstructed leaf goals through the goal refinement graph. The paper shows how the computed information can be used to prioritize obstacles for countermeasure selection toward a more complete and robust goal model. A detailed evaluation of our framework on a non-trivial carpooling support system is also reported.
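The two up-propagation steps the abstract describes (leaf obstacles to root obstacle through the obstacle refinement tree, then obstructed leaf goals through the goal refinement graph) can be illustrated on a small model. The code below is an added example, not the paper's own tool or its carpooling model: the goal and obstacle names, the leaf probabilities and the required degrees of satisfaction are constructed for illustration, and it assumes the simplest propagation semantics (leaf obstacles independent, AND-refinement as a product, OR-refinement as 1 minus the probability that no sub-obstacle occurs, a leaf goal satisfied exactly when none of its root obstacles occurs). The paper's precise semantics grounded on system phenomena may differ; the point is to show how a shortfall between the required "at least X %" target and the estimated satisfaction drives obstacle prioritization.

```python
"""Added example: probabilistic obstacle assessment over a constructed goal model.
Assumptions: independent leaf probabilities; AND = product; OR = 1 - prod(1 - p)."""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


@dataclass
class Obstacle:
    name: str
    prob: Optional[float] = None          # elicited probability (leaf obstacles only)
    refinement: Optional[str] = None      # "AND" or "OR" (refined obstacles only)
    children: List["Obstacle"] = field(default_factory=list)


@dataclass
class Goal:
    name: str
    required: float                       # required degree of satisfaction ("at least X %")
    children: List["Goal"] = field(default_factory=list)     # AND-refinement into subgoals
    obstacles: List[Obstacle] = field(default_factory=list)  # root obstacles of a leaf goal


def obstacle_probability(o: Obstacle) -> float:
    """Up-propagate leaf probabilities to the root of an obstacle refinement tree."""
    if not o.children:
        if o.prob is None:
            raise ValueError(f"leaf obstacle {o.name} has no probability")
        return o.prob
    ps = [obstacle_probability(c) for c in o.children]
    if o.refinement == "AND":             # all sub-obstacles must occur
        result = 1.0
        for p in ps:
            result *= p
        return result
    if o.refinement == "OR":              # any sub-obstacle suffices: 1 - P(none occurs)
        none = 1.0
        for p in ps:
            none *= 1.0 - p
        return 1.0 - none
    raise ValueError(f"obstacle {o.name} has children but no AND/OR refinement")


def goal_satisfaction(g: Goal) -> float:
    """Up-propagate from obstructed leaf goals through the AND-refined goal graph."""
    result = 1.0
    if g.children:
        for c in g.children:
            result *= goal_satisfaction(c)
        return result
    for o in g.obstacles:                 # leaf goal: satisfied when no root obstacle occurs
        result *= 1.0 - obstacle_probability(o)
    return result


def assess_goals(g: Goal) -> Dict[str, Tuple[float, float, float]]:
    """Map goal name -> (estimated, required, shortfall); shortfall > 0 means violated."""
    est = goal_satisfaction(g)
    out = {g.name: (est, g.required, max(0.0, g.required - est))}
    for c in g.children:
        out.update(assess_goals(c))
    return out


def prioritize_obstacles(root: Goal) -> List[Tuple[str, float, float]]:
    """Rank root obstacles by the worst shortfall on the goals they affect (the obstructed
    leaf goal and its ancestors), breaking ties by the obstacle's own probability."""
    assessment = assess_goals(root)
    ranked: List[Tuple[str, float, float]] = []

    def walk(g: Goal, ancestors: List[Goal]) -> None:
        lineage = ancestors + [g]
        for o in g.obstacles:
            worst = max(assessment[a.name][2] for a in lineage)
            ranked.append((o.name, obstacle_probability(o), worst))
        for c in g.children:
            walk(c, lineage)

    walk(root, [])
    return sorted(ranked, key=lambda r: (r[2], r[1]), reverse=True)


# Constructed sample model (hypothetical names and values, not the paper's carpooling model).
PICKUP_MISSED = Obstacle("PickupMissed", refinement="OR", children=[
    Obstacle("DriverLate", prob=0.05),
    Obstacle("PassengerNotAtMeetingPoint", refinement="AND", children=[
        Obstacle("PassengerUninformed", prob=0.20),
        Obstacle("NoReminderSent", prob=0.10),
    ]),
])
NO_DRIVER = Obstacle("NoDriverAvailable", prob=0.08)

CARPOOL_MODEL = Goal("Achieve[PassengerTransported]", required=0.85, children=[
    Goal("Achieve[RideMatched]", required=0.90, obstacles=[NO_DRIVER]),
    Goal("Achieve[PassengerPickedUp]", required=0.95, obstacles=[PICKUP_MISSED]),
])

if __name__ == "__main__":
    for name, (est, req, gap) in assess_goals(CARPOOL_MODEL).items():
        print(f"{name}: estimated {est:.3f}, required {req:.2f}, shortfall {gap:.3f}")
    for name, p, gap in prioritize_obstacles(CARPOOL_MODEL):
        print(f"obstacle {name}: P={p:.3f}, worst shortfall {gap:.3f}")
```

In the sample, `PickupMissed` propagates to 1 - 0.95 * (1 - 0.02) = 0.069, so `Achieve[PassengerPickedUp]` is estimated at 0.931 against a required 0.95 and is the only violated goal; `PickupMissed` therefore ranks first even though `NoDriverAvailable` has the higher raw probability, which is the kind of severity-aware ordering the abstract argues a pure likelihood ranking would miss.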



Acknowledgments

This work was supported by the European Fund for Regional Development and the Walloon Region (TIC-FEDER Grant CE-IQS Project). Bernard Lambeau and Christophe Damas contributed to the elaboration of the goal and obstacle models for the carpooling system. Thanks also to them and to Simon Busard for inspiring discussions on our approach and to the reviewers for comments calling for clarifications.

Corresponding author

Correspondence to Antoine Cailliau.

Cite this article

Cailliau, A., van Lamsweerde, A. Assessing requirements-related risks through probabilistic goals and obstacles. Requirements Eng 18, 129–146 (2013). https://doi.org/10.1007/s00766-013-0168-5
