ABSTRACT
In goal-oriented requirements engineering approaches, conflict analysis has been proposed as an abstraction for risk analysis. Intuitively, given a set of expected goals to be achieved by the system-to-be, a conflict represents a subtle situation that makes goals diverge, i.e., not be satisfiable as a whole. Conflict analysis is typically driven by the identify-assess-control cycle, aimed at identifying, assessing and resolving conflicts that may obstruct the satisfaction of the expected goals. In particular, the assessment step is concerned with evaluating how likely the identified conflicts are, and how likely and severe their consequences are.
So far, existing assessment approaches restrict their analysis to obstacles (conflicts that prevent the satisfaction of a single goal), and assume that certain probabilistic information on the domain is provided, which must be elicited beforehand from experienced users, statistical data or simulations. In this paper, we present a novel automated approach to assess how likely a conflict is, which applies to general conflicts (not only obstacles) without requiring probabilistic information on the domain. Intuitively, given the LTL formulation of the domain and of a set of goals to be achieved, we compute goal conflicts, and exploit string model counting techniques to estimate the likelihood of the occurrence of the corresponding conflicting situations and the severity with which these affect the satisfaction of the goals. This information can then be used to prioritize conflicts to be resolved, and to suggest which goals to focus on for refinement.
Index Terms
- Goal-conflict likelihood assessment based on model counting