research-article

Goal-conflict likelihood assessment based on model counting

Authors:
Renzo Degiovanni

Universidad Nacional de Río Cuarto, Argentina

Universidad Nacional de Río Cuarto, Argentina
View Profile

,
Pablo Castro

Universidad Nacional de Río Cuarto and CONICET, Argentina

Universidad Nacional de Río Cuarto and CONICET, Argentina
View Profile

,
Marcelo Arroyo

Universidad Nacional de Río Cuarto, Argentina

Universidad Nacional de Río Cuarto, Argentina
View Profile

,
Marcelo Ruiz

Universidad Nacional de Río Cuarto, Argentina

Universidad Nacional de Río Cuarto, Argentina
View Profile

,
Nazareno Aguirre

Universidad Nacional de Río Cuarto and CONICET, Argentina

Universidad Nacional de Río Cuarto and CONICET, Argentina
View Profile

,
Marcelo Frias

Instituto Tecnológico de Buenos Aires and CONICET, Argentina

Instituto Tecnológico de Buenos Aires and CONICET, Argentina
View Profile

ICSE '18: Proceedings of the 40th International Conference on Software EngineeringMay 2018Pages 1125–1135https://doi.org/10.1145/3180155.3180261

Published:27 May 2018Publication History

ICSE '18: Proceedings of the 40th International Conference on Software Engineering

Pages 1125–1135

ABSTRACT

In goal-oriented requirements engineering approaches, conflict analysis has been proposed as an abstraction for risk analysis. Intuitively, given a set of expected goals to be achieved by the system-to-be, a conflict represents a subtle situation that makes goals diverge, i.e., not be satisfiable as a whole. Conflict analysis is typically driven by the identify-assess-control cycle, aimed at identifying, assessing and resolving conflicts that may obstruct the satisfaction of the expected goals. In particular, the assessment step is concerned with evaluating how likely the identified conflicts are, and how likely and severe are their consequences.

So far, existing assessment approaches restrict their analysis to obstacles (conflicts that prevent the satisfaction of a single goal), and assume that certain probabilistic information on the domain is provided, that needs to be previously elicited from experienced users, statistical data or simulations. In this paper, we present a novel automated approach to assess how likely a conflict is, that applies to general conflicts (not only obstacles) without requiring probabilistic information on the domain. Intuitively, given the LTL formulation of the domain and of a set of goals to be achieved, we compute goal conflicts, and exploit string model counting techniques to estimate the likelihood of the occurrence of the corresponding conflicting situations and the severity in which these affect the satisfaction of the goals. This information can then be used to prioritize conflicts to be resolved, and suggest which goals to drive attention to for refinements.

References

Jflap. urmttp://www.jflap.org.Google Scholar
Lamaconv---logics and automata converter library, urlhttp://www.isp.uniluebeck.de/lamaconv.Google Scholar
Bowen Alpern and Fred B. Schneider. Defining liveness. Inf. Process. Lett., 21(4):181--185, 1985.Google ScholarCross Ref
Dalai Alrajeh, Jeff Kramer, Axel van Lamsweerde, Alessandra Russo, and Sebastiàn Uchitel. Generating obstacle conditions for requirements completeness. In 34th International Conference on Software Engineering, ICSE 2012, June 2--9, 2012, Zurich, Switzerland, pages 705--715, 2012. Google ScholarDigital Library
Abdulbaki Aydin, Lucas Bang, and Tevfik Bultan. Automata-based model counting for string constraints. In Computer Aided Verification - 27th International Conference, CAV 2015, San Francisco, CA, USA, July 18--24, 2015, Proceedings, Part I, pages 255--272, 2015.Google Scholar
Christel Baier and Joost-Pieter Katoen. Principles of Model Checking. The MIT Press, May 2008.Google ScholarDigital Library
Benjamin Barre, Mathieu Klein, Maxime Soucy-Boivin, Pierre-Antoine Ollivier, and Sylvain Hallé. Mapreduce for parallel trace validation of LTL properties. In Shaz Qadeer and Serdar Tasiran, editors, Runtime Verification, Third International Conference, RV 2012, Istanbul, Turkey, September 25--28, 2012, Revised Selected. Papers, volume 7687 of Lecture Notes in Computer Science, pages 184--198. Springer, 2012.Google Scholar
Adrian Beer, Stephan Heidinger, Uwe Kühne, Florian Leitner-Fischer, and Stefan Leue. Symbolic causality checking using bounded model checking. In Proc. of the 22nd Intl. Sym. on Model Checking Software, pages 203--221, 2015. Google ScholarDigital Library
Armin Biere, Alessandro Cimatti, Edmund M. Clarke, and Yunshan Zhu. Symbolic model checking without bdds. In Proceedings of the 5th International Conference on Tools and Algorithms for Construction and Analysis of Systems, TACAS '99, pages 193--207, London, UK, UK, 1999. Springer-Verlag. Google ScholarDigital Library
Nikolaj Bjørner, Anca Browne, Michael Colón, Bernd Finkbeiner, Zohar Manna, Henny Sipma, and Tomás E. Uribe. Verifying temporal properties of reactive systems: A step tutorial. Formal Methods in System Design, 16(3):227--270, 2000. Google ScholarDigital Library
Antoine Cailliau and Axel van Lamsweerde. A probabilistic framework for goal-oriented risk analysis. In 2012 20th IEEE International Requirements Engineering Conference (RE), Chicago, IL, USA, September 24--28, 2012, pages 201--210, 2012. Google ScholarDigital Library
Antoine Cailliau and Axel van Lamsweerde. Integrating exception handling in goal models. In IEEE 22nd International Requirements Engineering Conference, RE 2014, Karlskrona, Sweden, August 25--29, 2014, pages 43--52, 2014.Google ScholarCross Ref
Antoine Cailliau and Axel van Lamsweerde. Handling knowledge uncertainty in risk-based requirements engineering. In 23rd IEEE International Requirements Engineering Conference, RE 2015, Ottawa, ON, Canada, August 24--28, 2015, pages 106--115, 2015.Google ScholarCross Ref
Anne Dardenne, Axel van Lamsweerde, and Stephen Fickas. Goal-directed requirements acquisition. In SCIENCE OF COMPUTER PROGRAMMING, pages 3--50, 1993. Google ScholarDigital Library
Renzo Degiovanni, Nicolás Ricci, Dalai Alrajeh, Pablo F. Castro, and Nazareno Aguirre. Goal-conflict detection based on temporal satisfiability checking. In Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering, ASE 2016, Singapore, September 3--7, 2016, pages 507--518, 2016. Google ScholarDigital Library
Christian Ellen, Sven Sieverding, and Hardi Hungar. Detecting consistencies and inconsistencies of pattern-based functional requirements. In Proc. of the 19th Intl. Conf. on Formal Methods for Industrial Critical Systems, pages 155--169, 2014.Google ScholarCross Ref
Neil A. Ernst, Alexander Borgida, John Mylopoulos, and Ivan J. Jureta. Agile requirements evolution via paraconsistent reasoning. In Proc. of the 24th Intl. Conf. on Advanced Information Systems Engineering, pages 382--397, 2012. Google ScholarDigital Library
Amy P. Felty and Kedar S. Namjoshi. Feature specification and automated conflict detection. ACM TOSEM, 12(l):3--27, 2003. Google ScholarDigital Library
Antonio Filieri, Marcelo F. Frias, Corina S. Pasareanu, and Willem Visser. Model counting for complex data structures. In Model Checking Software - 22nd International Symposium, SPIN 2015, Stellenbosch, South Africa, August 24--26, 2015, Proceedings, pages 222--241, 2015. Google ScholarDigital Library
Bernd Finkbeiner and Hazem Torfah. Counting models of linear-time temporal logic. In Adrian Horia Dediu, Carlos Martín-Vide, José Luis Sierra-Rodríguez, and Bianca Truthe, editors, Language and Automata Theory and Applications - 8th International Conference, LATA 2014, Madrid, Spain, March 10--14, 2014. Proceedings, volume 8370 of Lecture Notes in Computer Science, pages 360--371. Springer, 2014. Google ScholarDigital Library
A. Finkelstein and J. Dowell. A comedy of errors: The london ambulance service case study. In Proceedings of the 8th International Workshop on Software Specification and Design, IWSSD '96, pages 2--, Washington, DC, USA, 1996. IEEE Computer Society. Google ScholarDigital Library
Paolo Giorgini, John Mylopoulos, and Roberto Sebastiani. Goal-oriented requirements analysis and reasoning in the tropos methodology. Engineering Applications of Artificial Intelligence, 18(2):159 -- 171, 2005. Google ScholarDigital Library
David Harel, Hillel Kugler, and Amir Pnueli. Synthesis revisited: Generating statechart models from scenario-based requirements. In Formal Methods in Software and Systems Modeling: Essays Dedicated to Hartmut Ehrig on the Occasion of His 60th Birthday, pages 309--324, 2005. Google ScholarDigital Library
J.H. Hausmann, R. Heckel, and G. Taentzer. Detection of conflicting functional requirements in a use case-driven approach. In ICSE, pages 105--115, 2002. Google ScholarDigital Library
Sebastian J.I. Herzig and Christiaan J.J. Paredis. A conceptual basis for inconsistency management in model-based systems engineering. Procedia CIRP, 21:52 -- 57, 2014.Google Scholar
Gerard J. Holzmann. The SPIN Model Checker -primer and reference manual. Addison-Wesley, 2004. Google ScholarDigital Library
IEEE. Ieee recommended practice for software requirements specifications, 1998.Google Scholar
Roberto J. Bayardo Jr. and Robert Schrag. Using CSP look-back techniques to solve real-world SAT instances. In Proceedings of the Fourteenth National Conference on Artificial Intelligence and Ninth Innovative Applications of Artificial Intelligence Conference, AAAI 97, IAAI 97, July 27--31, 1997, Providence, Rhode Island., pages 203--208, 1997. Google ScholarDigital Library
M. Kamalrudin. Automated software tool support for checking the inconsistency of requirements. In ASE, pages 693--697, 2009. Google ScholarDigital Library
J. Kramer, J. Magee, and M. Sloman. CONIC: An integrated approach to distributed computer control systems. In IEE Proc, Part E 130, pages 1--10, 1983.Google ScholarCross Ref
Leslie Lamport. Proving the correctness of multiprocess programs. IEEE Trans. Software Eng., 3(2):125--143, 1977. Google ScholarDigital Library
Timo Latvala, Armin Biere, Keijo Heljanko, and Tommi A. Junttila. Simple bounded LTL model checking. In Formal Methods in Computer-Aided Design, 5th International Conference, FMCAD 2004, Austin, Texas, USA, November 15--17, 2004, Proceedings, pages 186--200, 2004.Google Scholar
Jeff Magee and Jeff Kramer. Concurrency - state models and Java programs (2. ed.). Wiley, 2006. Google ScholarDigital Library
Zohar Manna and Amir Pnueli. The Temporal Logic of Reactive and Concurrent Systems. Springer-Verlag New York, Inc., New York, NY, USA, 1992. Google ScholarDigital Library
J. Mylopoulos, L. Chung, and B. Nixon. Representing and using nonfunctional requirements: A process-oriented approach. IEEE Trans. Softw. Eng., 18(6):483--497, June 1992. Google ScholarDigital Library
Tuong Huan Nguyen, Bao Quoc Vo, Markus Lumpe, and John Grundy. KBRE: a framework for knowledge-based requirements engineering. Software Quality Journal, 22(1):87--119, 2013. Google ScholarDigital Library
Tian Sang, Fahiem Bacchus, Paul Beame, Henry A. Kautz, and Toniann Pitassi. Combining component caching and clause learning for effective model counting. In SAT 2004 - The Seventh International Conference on Theory and Applications of Satisfiability Testing, 10--13 May 2004, Vancouver, BC, Canada, Online Proceedings, 2004.Google Scholar
Marc Thurley. sharpsat - counting models with advanced component caching and implicit BCP. In Theory and Applications of Satisfiability Testing - SAT 2006, 9th International Conference, Seattle, WA, USA, August 12--15, 2006, Proceedings, pages 424--429, 2006. Google ScholarDigital Library
Sebastián Uchitel, Jeff Kramer, and Jeff Magee. Synthesis of behavioral models from scenarios. IEEE Trans. Software Eng., 29(2):99--115, 2003. Google ScholarDigital Library
Axel van Lamsweerde. Requirements Engineering -From System Goals to UML Models to Software Specifications. Wiley, 2009. Google ScholarDigital Library
Axel van Lamsweerde, Robert Darimont, and Emmanuel Letier. Managing conflicts in goal-driven requirements engineering. IEEE Trans. Software Eng., 24(11):908--926, 1998. Google ScholarDigital Library
Axel van Lamsweerde and Emmanuel Letier. Integrating obstacles in goal-driven requirements engineering. In Proceedings of the 20th International Conference on Software Engineering, ICSE '98, pages 53--62, Washington, DC, USA, 1998. IEEE Computer Society. Google ScholarDigital Library
Axel van Lamsweerde and Emmanuel Letier. Handling obstacles in goal-oriented requirements engineering. IEEE Trans. Softw. Eng., 26(10):978--1005, October 2000. Google ScholarDigital Library
Willem Visser. What makes killing a mutant hard. In Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering, ASE 2016, Singapore, September 3--7, 2016, pages 39--44, 2016. Google ScholarDigital Library
Eric S. K. Yu. Towards modeling and reasoning support for early-phase requirements engineering. In Proceedings of the 3rd IEEE International Symposium on Requirements Engineering, RE '97, pages 226--, Washington, DC, USA, 1997. IEEE Computer Society. Google ScholarDigital Library

Index Terms

Goal-conflict likelihood assessment based on model counting
1. Software and its engineering
  1. Software creation and management
    1. Designing software
      1. Requirements analysis
    2. Software development process management
      1. Risk management
2. Theory of computation
  1. Formal languages and automata theory
    1. Regular languages
  2. Logic
    1. Modal and temporal logics

Recommendations

A genetic algorithm for goal-conflict identification
ASE '18: Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering

Goal-conflict analysis has been widely used as an abstraction for risk analysis in goal-oriented requirements engineering approaches. In this context, where the expected behaviour of the system-to-be is captured in terms of domain properties and goals, ...
Read More
Goal-conflict detection based on temporal satisfiability checking
ASE '16: Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering

Goal-oriented requirements engineering approaches propose capturing how a system should behave through the specification of high-level goals, from which requirements can then be systematically derived. Goals may however admit subtle situations that ...
Read More
A Runtime Goal Conflict Resolution Model for Agent Systems
WI-IAT '12: Proceedings of the The 2012 IEEE/WIC/ACM International Joint Conferences on Web Intelligence and Intelligent Agent Technology - Volume 02

The goal-oriented agent programming based on BDI model is obtaining increasing attentions, because it allows us to design proactive behaviors for an agent. Generally, an agent does pursue multiple goals not only in a sequential way, but in a ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
ICSE '18: Proceedings of the 40th International Conference on Software Engineering
May 2018
1307 pages
ISBN:9781450356381
DOI:10.1145/3180155
Conference Chair:
Michel Chaudron
Chalmers University of Technology, University of Gothenburg, Sweden
,
General Chair:
Ivica Crnkovic
Chalmers University of Technology, University of Gothenburg, Sweden
,
Program Chairs:
Marsha Chechik
University of Toronto, Canada
,
Mark Harman
Facebook and University College London, United Kingdom
Copyright © 2018 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 27 May 2018
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
goal conflicts
model counting
risk likelihood assessment
Qualifiers
- research-article
Conference

Acceptance Rates
Overall Acceptance Rate276of1,856submissions,15%

Upcoming Conference

ICSE 2025

2025 IEEE/ACM 46th International Conference on Software Engineering

April 26 - May 3, 2025

Ottawa , ON , Canada
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 10
  Total Citations
  View Citations
- 161
  Total Downloads
- Downloads (Last 12 months)10
- Downloads (Last 6 weeks)1
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Goal-conflict likelihood assessment based on model counting

ICSE '18: Proceedings of the 40th International Conference on Software Engineering

ABSTRACT

References

Cited By

Index Terms

Recommendations

A genetic algorithm for goal-conflict identification

Goal-conflict detection based on temporal satisfiability checking

A Runtime Goal Conflict Resolution Model for Agent Systems