Powered by
Conference Publishing Consulting

2014 IEEE 22nd International Requirements Engineering Conference (RE), August 25-29, 2014, Karlskrona, Sweden

RE 2014 – Proceedings

Contents - Abstracts - Authors
Online Calendar - iCal File

Frontmatter

Title Page


Message from the Chairs


Committees
Committees

Sponsors



Keynotes

Startups and Requirements (Keynote)
Anthony I. Wasserman
(Carnegie Mellon University, USA)
Tech startups typically approach requirements gathering differently from the process that is used to develop requirements in existing businesses and for existing products. Many of these startups operate in "stealth mode", taking care to minimize the number of people with whom they share their innovative ideas. It's common for these startups to create a succession of early releases, and apply user feedback from those releases to evolve the features and functions of their products.
This talk describes various approaches used by tech startups to define product requirements, and contrasts those approaches with those used in more traditional requirements engineering activities.

Now More Than Ever: Privacy and Security Are Required (Keynote)
Annie I. Antón
(Georgia Tech, USA)
Properly protecting information is in all our best interests, but it is a complex undertaking. The fact that regulation is often written by non-technologists, introduces additional challenges and obstacles. Moreover, those who design systems that collect, store, and maintain sensitive information have an obligation to design systems holistically within this broader context of regulatory and legal compliance. There are questions that should be asked when developing new requirements for information systems. For example, how do we build systems to handle data that must be kept secure and private when relevant regulations tie your hands? When building a system that maintains health or financial records for a large number of people, what do we need to do to protect the information against theft and abuse, keep the information private, AND at the same time, satisfy all governing privacy/security laws and restrictions? Moreover, how do we know that we've satisfied those laws? How do we monitor for compliance while ensuring that we're monitoring the right things? And, how do you accomplish all this in a way that can be expressed clearly to end-users and legislators (or auditors) so they can be confident you are doing the right things? We've been working on technologies to make these tasks simpler, and in some senses, automatic. In this talk, I will describe some of the research that we have been conducting to address these problems.


Research Track

Empirical Studies in Elicitation
Wed, Aug 27, 10:30 - 12:00, Multiroom (Chair: Daniel Amyot)

How Practitioners Approach Gameplay Requirements? An Exploration into the Context of Massive Multiplayer Online Role-Playing Games
Maya Daneva
(University of Twente, Netherlands)
Gameplay requirements are central to game development. In the business context of massive multiplayer online role-playing games (MMOGs) where game companies’ revenues rely on players' monthly subscriptions, gameplay is also recognized as the key to player retention. However, information on what gameplay requirements are and how practitioners 'engineer' them in real life is scarce. This exploratory study investigates how practitioners developing MMOGs reason about gameplay requirements and handle them in their projects. 12 practitioners from three leading MMOGs-producing companies were interviewed and their gameplay requirements documents were reviewed. The study’s most important findings are that in MMOG projects: (1) gameplay requirements are co-created with players, (2) are perceived and treated by practitioners as sets of choices and consequences, (3) gameplay is endless within a MMOG, and while gameplay requirements do not support any game-end goal, they do support a level-end goal, (4) 'paper-prototyping' and play-testing are pivotal to gameplay validation, (5) balancing the elements of the gameplay is an on-going task, perceived as the most difficult and labor-consuming, (6) gameplay happens both in-game and out-of-the game. We conclude with discussion on validity threats to our results and on implications for research and practice.

Therapist-Centered Requirements: A Multi-method Approach of Requirement Gathering to Support Rehabilitation Gaming
Cynthia Putnam and Jinghui Cheng
(DePaul University, USA)
Brain injuries (BI) are recognized as a major public health issue. Many therapists include commercial motion-based videogames in their therapy sessions to help make rehabilitation exercises fun and engaging. Our initial exploratory work exposed a need for tools to help therapists make evidence-based decisions when choosing commercial motion-games for their patients who have had a BI. Targeting this need, we are gathering requirements for a case-based recommender (CBR) system that will act as a decision tool for therapists. In this paper, we describe our ongoing work as a case study that illustrates our multi-method approach of requirement elicitation for the CBR system. Our approach is comprised of four overlapping steps: (1) interviews with therapists, (2) onsite observations of therapy game sessions, (3) diary studies in which therapists record detailed information about game sessions, and (4) a user study of a CBR prototype interface. Leveraging direct interaction with end users (i.e., therapists), this case study demonstrates requirements gathering techniques to address needs of a special population (i.e., therapists who work with patients who had BIs) in a specialized context (i.e., inpatient rehabilitation using motion-based video games).

Towards a Situation Awareness Design to Improve Visually Impaired Orientation in Unfamiliar Buildings: Requirements Elicitation Study
Abdulrhman Alkhanifer and Stephanie Ludi
(Rochester Institute of Technology, USA)
Requirements elicitation can be a challenging process in many systems. This challenge can be greater with a non-standard user population, such as visually impaired users. In this work, we report our experience and results of eliciting user requirements for a situation awareness indoor orientation system dedicated to the visually impaired. We elicited our initial system requirements through three different studies that focus on users along with orientation and mobility instructors. Also, we performed a knowledge elicitation through our studies to formulate our system’s situation awareness requirements.

Formal Modeling and Analysis
Wed, Aug 27, 10:30 - 12:00, J1610 (Chair: Mats Heimdahl)

Supporting Early Decision-Making in the Presence of Uncertainty
Jennifer Horkoff, Rick Salay, Marsha Chechik ORCID logo, and Alessio Di Sandro
(University of Trento, Italy; University of Toronto, Canada)
Requirements Engineering (RE) involves eliciting, understanding, and capturing system requirements, which naturally involves much uncertainty. During RE, analysts choose among alternative requirements, gradually narrowing down the system scope, and it is unlikely that all requirements uncertainties can be resolved before such decisions are made. There is a need for methods to support early requirements decision-making in the presence of uncertainty. We address this need by describing a novel technique for early decision-making and tradeoff analysis using goal models with uncertainty. The technique analyzes goal satisfaction over sets of models that can result from resolving uncertainty. Users make choices over possible analysis results, allowing our tool to find critical uncertainty reductions which must be resolved. An iterative methodology guides the resolution of uncertainties necessary to achieve desired levels of goal satisfaction, supporting trade-off analysis in the presence of uncertainty.

Integrating Exception Handling in Goal Models
Antoine Cailliau and Axel van Lamsweerde
(Université Catholique de Louvain, Belgium)
Missing requirements are known to be among the major sources of software failure. Incompleteness often results from poor anticipation of what could go wrong with an over-ideal system. Obstacle analysis is a model-based, goal-anchored form of risk analysis aimed at identifying, assessing and resolving exceptional conditions that may obstruct the behavioral goals of the target system. The obstacle resolution step is obviously crucial as it should result in more adequate and more complete requirements. In contrast with obstacle identification and assessment, however, this step has little support beyond a palette of resolution operators encoding tactics for producing isolated countermeasures to single risks. In particular, there is no single clue to date as to where and how such countermeasures should be integrated within a more robust goal model.
To address this problem, the paper describes a systematic technique for integrating obstacle resolutions as countermeasure goals into goal models. The technique is shown to guarantee progress towards a complete goal model; it preserves the correctness of refinements in the overall model; and keeps the original, ideal model visible to avoid cluttering the latter with a combinatorial blow-up of exceptional cases. To allow for this, the goal specification language is slightly extended in order to capture exceptions to goals seperately and distinguish normal situations from exceptional ones. The proposed technique is evaluated on a non-trivial ambulance dispatching system.

Protos: Foundations for Engineering Innovative Sociotechnical Systems
Amit K. Chopra, Fabiano Dalpiaz, F. Başak Aydemir, Paolo Giorgini, John Mylopoulos, and Munindar P. Singh
(Lancaster University, UK; Utrecht University, Netherlands; University of Trento, Italy; North Carolina State University, USA)
We address the challenge of requirements engineering for sociotechnical systems, wherein humans and organizations supported by technical artifacts such as software interact with one another. Traditional requirements models emphasize the goals of the stakeholders above their interactions. However, the participants in a sociotechnical system may not adopt the goals of the stakeholders involved in its specification. We motivate, Protos, a requirements engineering approach that gives prominence to the interactions of autonomous parties and specifies a sociotechnical system in terms of its participants' social relationships, specifically, commitments. The participants can adopt any goal they like, a key basis for innovative behavior, as long as they interact according to the commitments. Protos describes an abstract requirements engineering process as a series of refinements that seek to satisfy stakeholder requirements by incrementally expanding a specification set and an assumption set, and reducing requirements until all requirements are accommodated. We demonstrate this process via the London Ambulance System described in the literature.

Legal and Regulatory Requirements
Wed, Aug 27, 13:30 - 15:00, Multiroom (Chair: Seok-Won Lee)

Automated Detection and Resolution of Legal Cross References: Approach and a Study of Luxembourg's Legislation
Morayo Adedjouma, Mehrdad Sabetzadeh, and Lionel C. BriandORCID logo
(University of Luxembourg, Luxembourg)
When elaborating compliance requirements, analysts need to follow the cross references in the underlying legal texts and consider the additional information in the cited provisions. To enable easier navigation and handling of cross references, automation is necessary for recognizing the natural language patterns used in cross reference expressions (cross reference detection), and for interpreting these expressions and linking them to the target provisions (cross reference resolution). In this paper, we propose a solution for automated detection and resolution of legal cross references. We ground our work on Luxembourg's legislative texts, both for studying the natural language patterns in cross reference expressions and for evaluating the accuracy and scalability of our solution.

Goal-Oriented Compliance with Multiple Regulations
Sepideh Ghanavati, André Rifaut, Eric Dubois, and Daniel Amyot
(CRP Henri Tudor, Luxembourg; University of Ottawa, Canada)
Most systems and business processes in organizations need to comply with more than one law or regulation. Different regulations can partially overlap (e.g., one can be more detailed than the other) or even conflict with each other. In addition, one regulation can permit an action whereas the same action in another regulation might be mandatory or forbidden. In each of these cases, an organization needs to take different strategies. This paper presents an approach to handle different situations when comparing and attempting to comply with multiple regulations as part of a goal-oriented modeling framework named LEGAL-URN. This framework helps organizations find suitable trade-offs and priorities when complying with multiple regulations while at the same time trying to meet their own business objectives. The approach is illustrated with a case study involving a Canadian health care organization that must comply with four laws related to privacy, quality of care, freedom of information, and care consent.

Identifying and Classifying Ambiguity for Regulatory Requirements
Aaron K. Massey, Richard L. Rutledge, Annie I. Antón, and Peter P. Swire
(Georgia Tech, USA)
Software engineers build software systems in increasingly regulated environments, and must therefore ensure that software requirements accurately represent obligations described in laws and regulations. Prior research has shown that graduate-level software engineering students are not able to reliably determine whether software requirements meet or exceed their legal obligations and that professional software engineers are unable to accurately classify cross-references in legal texts. However, no research has determined whether software engineers are able to identify and classify important ambiguities in laws and regulations. Ambiguities in legal texts can make the difference between requirements compliance and non-compliance. Herein, we develop a ambiguity taxonomy based on software engineering, legal, and linguistic understandings of ambiguity. We examine how 17 technologists and policy analysts in a graduate-level course use this taxonomy to identify ambiguity in a legal text. We also examine the types of ambiguities they found and whether they believe those ambiguities should prevent software engineers from implementing software that complies with the legal text. Our research suggests that ambiguity is prevalent in legal texts. In 50 minutes of examination, participants in our case study identified on average 33.47 ambiguities in 104 lines of legal text using our ambiguity taxonomy as a guideline. Our analysis suggests (a) that participants used the taxonomy as intended: as a guide and (b) that the taxonomy provides adequate coverage (97.5%) of the ambiguities found in the legal text.

Handling Change and Evolution
Wed, Aug 27, 13:30 - 15:00, J1610 (Chair: Nelly Bencomo)

An Approach for Decision Support on the Uncertainty in Feature Model Evolution
Le Minh Sang Tran and Fabio Massacci
(University of Trento, Italy)
Software systems could be seen as a hierarchy of features which are evolving due to the dynamic of the working environments. The companies who build software thus need to make an appropriate strategy, which takes into consideration of such dynamic, to select features to be implemented. In this work, we propose an approach to facilitate such selection by providing a means to capture the uncertainty of evolution in feature models. We also provide two analyses to support the decision makers. The approach is exemplified in the Smart Grid scenario.

Maintaining Requirements for Long-Living Software Systems by Incorporating Security Knowledge
Stefan Gärtner, Thomas Ruhroth, Jens Bürger, Kurt Schneider, and Jan Jürjens
(Leibniz Universität Hannover, Germany; TU Dortmund, Germany)
Security is an increasingly important quality facet in modern information systems and needs to be retained. Due to a constantly changing environment, long-living software systems "age" not by wearing out, but by failing to keep up-to-date with their environment. The problem is that requirements engineers usually do not have a complete overview of the security-related knowledge necessary to retain security of long-living software systems. This includes security standards, principles and guidelines as well as reported security incidents. In this paper, we focus on the identification of known vulnerabilities (and their variations) in natural-language requirements by leveraging security knowledge. For this purpose, we present an integrative security knowledge model and a heuristic method to detect vulnerabilities in requirements based on reported security incidents. To support knowledge evolution, we further propose a method based on natural language analysis to refine and to adapt security knowledge. Our evaluation indicates that the proposed assessment approach detects vulnerable requirements more reliable than other methods (Bayes, SVM, k-NN). Thus, requirements engineers can react faster and more effectively to a changing environment that has an impact on the desired security level of the information system.

Rationalism with a Dose of Empiricism: Case-Based Reasoning for Requirements-Driven Self-Adaptation
Wenyi Qian, Xin Peng ORCID logo, Bihuan Chen ORCID logo, John Mylopoulos, Huanhuan Wang, and Wenyun Zhao
(Fudan University, China; University of Trento, Italy)
Requirements-driven approaches provide an effective mechanism for self-adaptive systems by reasoning over their runtime requirements models to make adaptation decisions. However, such approaches usually assume that the relations among alternative behaviours, environmental parameters and requirements are clearly understood, which is often simply not true. Moreover, they do not consider the influence of the current behaviour of an executing system on adaptation decisions. In this paper, we propose an improved requirementsdriven self-adaptation approach that combines goal reasoning and case-based reasoning. In the approach, past experiences of successful adaptations are retained as adaptation cases, which are described by not only requirements violations and contexts, but also currently deployed behaviours. The approach does not depend on a set of original adaptation cases, but employs goal reasoning to provide adaptation solutions when no similar cases are available. And case-based reasoning is used to provide more precise adaptation decisions that better reflect the complex relations among requirements violations, contexts, and current behaviours by utilizing past experiences. Our experimental study with an online shopping benchmark shows that our approach outperforms both requirements-driven approach and case-based reasoning approach in terms of adaptation effectiveness and overall quality of the system.

Traceability
Wed, Aug 27, 15:30 - 17:00, Multiroom (Chair: Emmanuel Letier)

TiQi: Towards Natural Language Trace Queries
Piotr Pruski, Sugandha Lohar, Rundale Aquanette, Greg Ott, Sorawit Amornborvornwong, Alexander Rasin, and Jane Cleland-Huang
(DePaul University, USA)
One of the surprising observations of traceability in practice is the under-utilization of existing trace links. Organizations often create links in order to meet compliance requirements, but then fail to capitalize on the potential benefits of those links to provide support for activities such as impact analysis, test regression selection, and coverage analysis. One of the major adoption barriers is caused by the lack of accessibility to the underlying trace data and the lack of skills many project stakeholders have for formulating complex trace queries. To address these challenges we introduce TiQi, a natural language approach, which allows users to write or speak trace queries in their own words. TiQi includes a vocabulary and associated grammar learned from analyzing NL queries collected from trace practitioners. It is evaluated against trace queries gathered from trace practitioners for two different project environments.

Traceability-Enabled Refactoring for Managing Just-In-Time Requirements
Nan NiuORCID logo, Tanmay Bhowmik, Hui Liu ORCID logo, and Zhendong Niu
(University of Cincinnati, USA; Mississippi State University, USA; Beijing Institute of Technology, China)
Just-in-time requirements management, characterized by lightweight representation and continuous refinement of requirements, fits many iterative and incremental development projects. Being lightweight and flexible, however, can cause wasteful and procrastinated implementation, leaving certain stakeholder goals not satisfied. This paper proposes traceability-enabled refactoring aimed at fulfilling more requirements fully. We make a novel use of requirements traceability to accurately locate where the software should be refactored, and develop a new scheme to precisely determine what refactorings should be applied to the identified places. Our approach is evaluated through an industrial study. The results show that our approach recommends refactorings more appropriately than a contemporary recommender. Keywords: requirements management; just-in-time requirements; traceability; refactoring;

Supporting Traceability through Affinity Mining
Vincenzo Gervasi and Didar Zowghi
(University of Pisa, Italy; University of Technology Sydney, Australia)
Traceability among requirements artifacts (and beyond, in certain cases all the way to actual implementation) has long been identified as a critical challenge in industrial practice. Manually establishing and maintaining such traces is a high-skill, labour-intensive job. It is often the case that the ideal person for the job also has other, highly critical tasks to take care of, so offering semi-automated support for the management of traces is an effective way of improving the efficiency of the whole development process. In this paper, we present a technique to exploit the information contained in previously defined traces, in order to facilitate the creation and ongoing maintenance of traces, as the requirements evolve. A case study on a reference dataset is employed to measure the effectiveness of the technique, compared to other proposals from the literature.

Discovering Requirements
Thu, Aug 28, 10:30 - 12:00, Multiroom (Chair: Vincenzo Gervasi)

How Do Users Like This Feature? A Fine Grained Sentiment Analysis of App Reviews
Emitza Guzman and Walid Maalej
(TU München, Germany; University of Hamburg, Germany)
App stores allow users to submit feedback for downloaded apps in form of star ratings and text reviews. Recent studies analyzed this feedback and found that it includes information useful for app developers, such as user requirements, ideas for improvements, user sentiments about specific features, and descriptions of experiences with these features. However, for many apps, the amount of reviews is too large to be processed manually and their quality varies largely. The star ratings are given to the whole app and developers do not have a mean to analyze the feedback for the single features.In this paper we propose an automated approach that helps developers filter,aggregate, and analyze user reviews. We use natural language processing techniques to identify fine-grained app features in the reviews. We then extract the user sentiments about the identified features and give them a general score across all reviews. Finally, we use topic modeling techniques to group fine-grained features into more meaningful high-level features. We evaluated our approach with 7 apps from the Apple App Store and Google Play Store and compared its results with a manually, peer-conducted analysis of the reviews. On average, our approach has a precision of 0.59 and a recall of 0.51. The extracted features were coherent and relevant to requirements evolution tasks. Our approach can help app developers to systematically analyze user opinions about single features and filter irrelevant reviews.

Scaling Requirements Extraction to the Crowd: Experiments with Privacy Policies
Travis D. Breaux and Florian Schaub
(Carnegie Mellon University, USA)
Natural language text sources have increasingly been used to develop new methods and tools for extracting and analyzing requirements. To validate these new approaches, researchers rely on a small number of trained experts to perform a labor-intensive manual analysis of the text. The time and resources needed to conduct manual extraction, however, has limited the size of case studies and thus the generalizability of results. To begin to address this issue, we conducted three experiments to evaluate crowdsourcing a manual requirements extraction task to a larger number of untrained workers. In these experiments, we carefully balance worker payment and overall cost, as well as worker training and data quality to study the feasibility of distributing requirements extraction to the crowd. The task consists of extracting descriptions of data collection, sharing and usage requirements from privacy policies. We present results from two pilot studies and a third experiment to justify applying a task decomposition approach to requirements extraction. Our contributions include the task decomposition workflow and three metrics for measuring worker performance. The final evaluation shows a 60% reduction in the cost of manual extraction with a 16% increase in extraction coverage.

Discovering Affect-Laden Requirements to Achieve System Acceptance
Alistair Sutcliffe, Paul Rayson, Christopher N. Bull, and Pete Sawyer
(Lancaster University, UK)
Novel envisioned systems face the risk of rejection by their target user community and the requirements engineer must be sensitive to the factors that will determine acceptance or rejection. Conventionally, technology acceptance is determined by perceived usefulness and ease-of-use, but in some domains, other factors play an important role. In healthcare systems, particularly, ethical and emotional factors can be crucial. In this paper we describe an approach to requirements discovery that we developed for such systems. We describe how we have applied our approach to a novel system to passively monitor users for signs of cognitive decline consistent with the onset of dementia. A key challenge was eliciting users’ reactions to emotionally-charged events before they experienced them. Our goal was to understand the range of users’ emotional responses and their values and motivations, by a combination of manual and automated text analysis of interview transcripts. The analysis enabled formulation of requirements that would maximise the likelihood of acceptance of the system. The problem was heightened by the fact that the key stakeholders were elderly people who represent a poorly-studied user constituency. We discuss the elicitation and analysis methodologies used, and our experience with tool support. We conclude by reflecting on the issues affect for RE and for technology acceptance.

Security and Privacy Requirements
Thu, Aug 28, 10:30 - 12:00, J1610 (Chair: Nancy Mead)

Hidden in Plain Sight: Automatically Identifying Security Requirements from Natural Language Artifacts
Maria Riaz, Jason King, John Slankas, and Laurie Williams
(North Carolina State University, USA)
Abstract: Natural language artifacts, such as requirements specifications, often explicitly state the security requirements for software systems. However, these artifacts may also imply additional security requirements that developers may overlook but should consider to strengthen the overall security of the system. The goal of this research is to aid requirements engineers in producing a more comprehensive and classified set of security requirements by (1) automatically identifying security-relevant sentences in natural language requirements artifacts, and (2) providing context-specific security requirements templates to help translate the security-relevant sentences into functional security requirements. Using machine learning techniques, we have developed a tool-assisted process that takes as input a set of natural language artifacts. Our process automatically identifies security-relevant sentences in the artifacts and classifies them according to the security objectives, either explicitly stated or implied by the sentences. We classified 10,963 sentences in six different documents from healthcare domain and extracted corresponding security objectives. Our manual analysis showed that 46% of the sentences were security-relevant. Of these, 28% explicitly mention security while 72% of the sentences are functional requirements with security implications. Using our tool, we correctly predict and classify 82% of the security objectives for all the sentences (precision). We identify 79% of all security objectives implied by the sentences within the documents (recall). Based on our analysis, we develop context-specific templates that can be instantiated into a set of functional security requirements by filling in key information from security-relevant sentences. Keywords: Security Requirements; Security Objectives; Natural Language Artifacts; Machine Learning;

Info
Managing Security Requirements Patterns using Feature Diagram Hierarchies
Rocky Slavin, Jean-Michel Lehker, Jianwei Niu, and Travis D. Breaux
(University of Texas at San Antonio, USA; Carnegie Mellon University, USA)
Security requirements patterns represent reusable security practices that software engineers can apply to improve security in their system. Reusing best practices that others have employed could have a number of benefits, such as decreasing the time spent in the requirements elicitation process or improving the quality of the product by reducing product failure risk. Pattern selection can be difficult due to the diversity of applicable patterns from which an analyst has to choose. The challenge is that identifying the most appropriate pattern for a situation can be cumbersome and time-consuming. We propose a new method that combines an inquiry-cycle based approach with the feature diagram notation to review only relevant patterns and quickly select the most appropriate patterns for the situation. Similar to patterns themselves, our approach captures expert knowledge to relate patterns based on decisions made by the pattern user. The resulting pattern hierarchies allow users to be guided through these decisions by questions, which introduce related patterns in order to help the pattern user select the most appropriate patterns for their situation, thus resulting in better requirement generation. We evaluate our approach using access control patterns in a pattern user study.

Engineering Topology Aware Adaptive Security: Preventing Requirements Violations at Runtime
Christos Tsigkanos, Liliana Pasquale, Claudio Menghi, Carlo Ghezzi, and Bashar Nuseibeh
(Politecnico di Milano, Italy; Lero, Ireland; Open University, UK)
Adaptive security systems aim to protect critical assets in the face of changes in their operational environment. We have argued that incorporating an explicit representation of the environment's topology enables reasoning on the location of assets being protected and the proximity of potentially harmful agents. This paper proposes to engineer topology aware adaptive security systems by identifying violations of security requirements that may be caused by topological changes, and selecting a set of security controls that prevent such violations. Our approach focuses on physical topologies; it maintains at runtime a live representation of the topology which is updated when assets or agents move, or when the structure of the physical space is altered. When the topology changes, we look ahead at a subset of the future system states. These states are reachable when the agents move within the physical space. If security requirements can be violated in future system states, a configuration of security controls is proactively applied to prevent the system from reaching those states. Thus, the system continuously adapts to topological stimuli, while maintaining requirements satisfaction. Security requirements are formally expressed using a propositional temporal logic, encoding spatial properties in Computation Tree Logic (CTL). The Ambient Calculus is used to represent the topology of the operational environment - including location of assets and agents - as well as to identify future system states that are reachable from the current one. The approach is demonstrated and evaluated using a substantive example concerned with physical access control.

Communicating Requirements
Thu, Aug 28, 13:30 - 15:00, J1610 (Chair: John Mylopoulos)

Openness and Requirements: Opportunities and Tradeoffs in Software Ecosystems
Eric Knauss, Daniela Damian ORCID logo, Alessia Knauss, and Arber Borici
(Chalmers, Sweden; University of Gothenburg, Sweden; University of Victoria, Canada)
A growing number of software systems is characterized by continuous evolution as well as by significant interdependence with other systems (e.g. services, apps). Such software ecosystems promise increased innovation power and support for consumer oriented software services at scale, and are characterized by a certain openness of their information flows. While such openness supports project and reputation management, it also brings some challenges to Requirements Engineering (RE) within the ecosystem. We report from a mixed-method study of IBM's CLM ecosystem that uses an open commercial development model. We analyzed data from from interviews within several ecosystem actors, participatory observation, and software repositories, to describe the flow of product requirements information through the ecosystem, how the open communication paradigm in software ecosystems provides opportunities for 'just-in-time' RE, as well as some of the challenges faced when traditional requirements engineering approaches are applied within such an ecosystem. More importantly, we discuss two tradeoffs brought about the openness in software ecosystems: i) allowing open, transparent communication while keeping intellectual property confidential within the ecosystem, and ii) having the ability to act globally on a long-term strategy while empowering product teams to act locally to answer end-users' context specific needs in a timely manner.

RISDM: A Requirements Inspection Systems Design Methodology: Perspective-Based Design of the Pragmatic Quality Model and Question Set to SRS
Shinobu Saito, Mutsuki Takeuchi, Setsuo Yamada, and Mikio Aoyama
(NTT DATA, Japan; NTT, Japan; Nanzan University, Japan)
The quality of the SRS (Software Requirements Specification) is the key to the success of software development. The inspection for the verification and validation of SRS are widely practiced, however, the techniques of inspection are rather ad hoc, and largely depend on the knowledge and skill of the people. This article proposes RISDM (Requirements Inspection Systems Design Methodology) to design the RIS (Requirements Inspection System) to be conducted by a third-party inspection team. The RISDM includes a meta-model and design process of RIS, PQM (Pragmatic Quality Model) of SRS, and a technique to generate inspection question set based on the PQM and PBR (Perspective-Based Reading). We have been applying the RIS designed by the proposed RISDM to more than 140 projects of a wide variety of software systems in NTT DATA for five years. By analyzing the statistics from the experience, we discovered some key quality characteristics of SRS reveal strong correlation to the project cost and level of quality to be used for evaluating the maturity of the SRS and predicting the risk. Keyword- Requirements Inspection; Requirements Verification and Validation; SRS; Pragmatic Quality Model; Question Set; Risk Prediction;

Tackling the Requirements Jigsaw Puzzle
Maria Pinto-Albuquerque and Awais Rashid
(Lisbon University Institute, Portugal; Lancaster University, UK)
Abstract—A key challenge during stakeholder meetings is that of presenting the requirements and conflicts to stakeholders in a way that fosters co-responsibility and co-ownership regarding the conflicts and their resolution. In this paper, we propose a jigsaw puzzle metaphor to make identified conflicts explicit as well as an associated method to utilise this metaphor during stakeholder meetings. The metaphor provides an easy to understand language for stakeholders from otherwise diverse backgrounds. It enables stakeholders to work with a well-understood concept - that of building a system from misshapen pieces. These characteristics foster communication and team work, which improve commitment of stakeholders in co-authoring of requirements and co-responsibility in conflict handling. The gamification of conflict resolution also promotes a relaxed environment, which in turn improves team cooperation and creativity. Our experience in three user studies demonstrates that the jigsaw puzzle indeed improves such co-responsibility and co-ownership when compared with typical text-based representations of requirements. Index Terms—Requirements, conflict, creativity, game, jigsaw puzzle, stakeholders, team work, communication, metaphor, visualization.

Automated Support for Eliciting Requirements
Thu, Aug 28, 15:30 - 17:00, Multiroom (Chair: Zhi Jin)

Automated Support for Combinational Creativity in Requirements Engineering
Tanmay Bhowmik, Nan NiuORCID logo, Anas Mahmoud, and Juha Savolainen
(Mississippi State University, USA; University of Cincinnati, USA; Danfoss, Denmark)
Requirements engineering (RE), framed as a creative problem solving process, plays a key role in innovating more useful and novel requirements and improving a software system's sustainability. Existing approaches, such as creativity workshops and feature mining from web services, facilitate creativity by exploring a search space of partial and complete possibilities of requirements. To further advance the literature, we support creativity from a combinational perspective, i.e., making unfamiliar connections between familiar possibilities of requirements. In particular, we propose a novel framework that extracts familiar ideas from the requirements and stakeholders' comments using topic modeling and applies part-of-speech tagging to obtain unfamiliar idea combinations. We apply our framework on two large open-source software systems and further report a human subject evaluation. The results show that our framework complements existing approaches by generating original and relevant requirements in an automated manner. Keywords - Requirements engineering; creativity; topic modeling; requirements elicitation

Automated Extraction and Visualization of Quality Concerns from Requirements Specifications
Mona Rahimi, Mehdi Mirakhorli, and Jane Cleland-Huang
(DePaul University, USA)
Software requirements specifications often focus on functionality and fail to adequately capture quality concerns such as security, performance, and usability. In many projects, quality-related requirements are either entirely lacking from the specification or intermingled with functional concerns. This makes it difficult for stakeholders to fully understand the quality concerns of the system and to evaluate their scope of impact. In this paper we present a data mining approach for automating the extraction and subsequent modeling of quality concerns from requirements, feature requests, and online forums. We extend our prior work in mining quality concerns from textual documents and apply a sequence of machine learning steps to detect quality-related requirements, generate goal graphs contextualized by project-level information, and ultimately to visualize the results. We illustrate and evaluate our approach against two industrial health-care related systems.

Requirements Management Concerns
Fri, Aug 29, 10:30 - 12:00, J1610 (Chair: Didar Zowghi)

Language Extended Lexicon Points: Estimating the Size of an Application using Its Language
Leandro Antonelli, Gustavo Rossi, Julio Cesar Sampaio do Prado Leite, and Alejandro Oliveros
(Universidad Nacional de La Plata, Argentina; PUC-Rio, Brazil; Universidad Argentina de la Empresa, Argentina)
Abstract—Estimating the size of a software system is a critical task due to the implications the estimation has in the management of the development project. There are some widely accepted estimation techniques: Function Points, Use Case Points and Cosmic Points, but these techniques can only be applied after the availability of a requirements specification. In this paper, we propose an approach to estimate the size of an application previous to its requirements specification by using the application language itself, captured by the Language Extended Lexicon (LEL). Our approach is based on Use Case Points and on a technique which derives Use Cases from the LEL. The proposed approach provides a measure of the application’s size earlier than the usual techniques, thus reducing the effort needed to apply them. An initial experiment was conducted to evaluate the proposal.

The Role of Legal Expertise in Interpretation of Legal Requirements and Definitions
David G. Gordon and Travis D. Breaux
(Carnegie Mellon University, USA)
Government laws and regulations increasingly place requirements on software systems. Ideally, experts trained in law will analyze and interpret legal texts to inform the software requirements process. However, in small companies and development teams with short launch cycles, individuals with little or no legal training will be responsible for compliance. Two specific challenges commonly faced by non-experts are deciding if their system is covered by a law, and then deciding whether two legal requirements are similar or different. In this study, we assess the ability of laypersons, technical professionals, and legal experts to judge the similarity between legal coverage conditions and requirements. In so doing, we discovered that legal experts achieved higher rates of consensus more frequently than technical professionals or laypersons and that all groups had slightly greater agreement when judging coverage conditions than requirements, measured by Fleiss’ Κ. When comparing judgments between groups using a consensus-based Cohen’s Kappa, we found that technical professionals and legal experts exhibited consistently greater agreement than that found between laypersons and legal experts, and that each group tended towards different justifications, such as laypersons and technical professionals tendency towards categorizing different coverage conditions or requirements as equivalent if they believed them to possess the same underlying intent.

Evaluating the Business Value of Information Technology: Case Study on Game Management System
Harri Töhönen, Marjo Kauppinen, and Tomi Männistö
(Aalto University, Finland; University of Helsinki, Finland)
Abstract - Evaluating the multidimensional and dynamic nature of IT business value is a continuous challenge. This paper examines how system dynamics can be used in evaluating IT business value in a company level. We approach IT business value as a web of impacts, where benefits and sacrifices are ultimately evaluated against company earnings logic. This study is based on an action research and covers a pilot project within two co-operating companies. System dynamics was utilised to construct a value creation model for an existing Gaming Management System. This value creation modelling covered two dimensions: 1) structural evaluation of IT impacts with cause-and-effect models, 2) dynamic evaluation and simulation of value realisation over time. As a result, value creation modelling was able to provide a visual overview of how IT impacts were linked to business value through value paths, and how much and when value was realised. Value creation modelling enabled prototyping of value realisation that can provide value based insights for development activities like requirements elicitation and analysis. The examined approach proved its potential for providing a common language for technology and business parties, thus improving IT business alignment. Index Terms — IT business value, evaluation, system dynamics

Quality Goals
Fri, Aug 29, 13:30 - 14:30, J1610 (Chair: Neil Ernst)

Non-functional Requirements as Qualities, with a Spice of Ontology
Feng-Lin Li, Jennifer Horkoff, John Mylopoulos, Alexander Borgida, Renata S. S. Guizzardi, Giancarlo Guizzardi, and Lin Liu
(University of Trento, Italy; Rutgers University, USA; Federal University of Espírito Santo, Brazil; Tsinghua University, China)
We propose a modeling language for non-functional requirements (NFRs) that views NFRs as requirements over qualities, mapping a software-related domain to a quality space. The language is compositional in that it allows (recursively) complex NFRs to be constructed in several ways. Importantly, the language allows the definition of requirements about the quality of fulfillment of other requirements, thus capturing, among others, the essence of probabilistic and fuzzy goals as proposed in the literature. We also offer a methodology for systematically refining informal NFRs elicited from stakeholders, resulting in unambiguous, de-idealized, and measurable requirements. The proposal is evaluated with a requirements dataset that includes 370 NFRs crossing 15 projects. The results suggest that our framework can adequately handle and clarify NFRs generated in practice.

Quality Requirements Elicitation Based on Inquiry of Quality-Impact Relationships
Farnaz Fotrousi, Samuel A. Fricker, and Markus Fiedler
(Blekinge Institute of Technology, Sweden)
Quality requirements, an important class of non-functional requirements, are inherently difficult to elicit. Particularly challenging is the definition of good-enough quality. The problem cannot be avoided though, because hitting the right quality level is critical. Too little quality leads to churn for the software product. Excessive quality generates unnecessary cost and drains the resources of the operating platform. To address this problem, we propose to elicit the specific relationships between software quality levels and their impacts for given quality attributes and stakeholders. An understanding of each such relationship can then be used to specify the right level of quality by deciding about acceptable impacts. The quality-impact relationships can be used to design and dimension a software system appropriately and, in a second step, to develop service level agreements that allow re-use of the obtained knowledge of good-enough quality. This paper describes an approach to elicit such quality–impact relationships and to use them for specifying quality requirements. The approach has been applied with user representatives in requirements workshops and used for determining Quality of Service (QoS) requirements based the involved users’ Quality of Experience (QoE). The paper describes the approach in detail and reports early experiences from applying the approach.


Tool Demonstrations and Posters
Thu, Aug 28, 15:30 - 17:00, J1360 (Chair: Jennifer Horkoff; Richard Berntsson Svensson)

Nòmos 3: Reasoning about Regulatory Compliance of Requirements
Silvia Ingolfo, Alberto Siena, and John Mylopoulos
(University of Trento, Italy)
The great impact that law has in the RE-process has called for new techniques and procedures to evaluate the alignment of requirements with applicable laws. In this paper we present a modeling language for the evaluation of compliance of requirements with a piece of law: Nomos3. We introduce our language and show the reasoning capabilities of our proposal.

GUITAR: An Ontology-based Automated Requirements Analysis Tool
Tuong Huan Nguyen, John Grundy, and Mohamed Almorsy
(Swinburne University of Technology, Australia)
Combining goal-oriented and use case modeling has been proven to be an effective method in requirements elicitation and elaboration. However, current requirements engineering approaches generally lack reliable support for automated analysis of such modeled artifacts. To address this problem, we have developed GUITAR, a tool which delivers automated detection of incorrectness, incompleteness and inconsistency between artifacts. GUITAR is based on our goal-use case integration meta-model and ontologies of domain knowledge and semantics. GUITAR also provides comprehensive explanations for detected problems and can suggest resolution alternatives.

Video
Simulation-Based Requirements Discovery for Smart Driver Assistive Technologies
Andreas Gregoriades, Maria Pampaka, and Alistair Sutcliffe
(European University Cyprus, Cyprus; University of Manchester, UK)
Smart driver assistive technologies (DAT) have been developed to alleviate accident risk by either reducing driver workload or assessing driver attentiveness. Such systems aim to draw drivers’ attention on critical cues that improve decision making. However, in some cases, these systems can have a negative effect due to the extra information load they incur to the driver. Therefore, in addition to specifying the functional requirements for such systems there is an urgent need to address the human requirements. This work describes a simulation-based requirements discovery method that utilises the benefits of a modular simulator that models future designs of DAT.

Video
EAM: Ecosystemability Assessment Method
Eric Knauss and Imed Hammouda
(Chalmers, Sweden; University of Gothenburg, Sweden)
In this extended abstract, we present the ecosystemability assessment method as a means to assess the extent to which a software system, represented by its architecture and its development environment, supports the vision of ecosystem.

Combined Goal and Feature Model Reasoning with the User Requirements Notation and jUCMNav
Yanji Liu, Yukun Su, Xinshang Yin, and Gunter Mussbacher ORCID logo
(McGill University, Canada)
The User Requirements Notation (URN) is an international requirements engineering standard published by the International Telecommunication Union. URN supports goal-oriented and scenario-based modeling and analysis. jUCMNav is an open-source, Eclipse-based modeling tool for URN. This tool demonstration focuses on recent extensions to jUCMNav that have incorporated feature models into a URN-based modeling and reasoning framework. Feature modeling is a well-establishing technique for capturing commonalities and variabilities of Software Product Lines. Combined with URN, it is possible to reason about the impact of feature configurations on stakeholder goals and system qualities, thus helping to identify the most appropriate features for a stakeholder. Furthermore, coordinated feature and goal model reasoning is fundamental to Concern-Driven Development, where concerns are defined with a three-part variation, customization, and usage interface. As the variation interface is described with feature and goal models, it is now possible with jUCMNav to define and reason about a concern’s variation interface, which is a prerequisite for composing multiple concerns based on their three-part interfaces.

Video
Decisively: Application of Quantitative Analysis and Decision Science in Agile Requirements Engineering
Sanjaya Kumar Saxena and Rachna Chakraborty
(GrayPE Systems, India)
While many mature Requirements Engineering (RE) tools for Agile exist, RE professionals at large have not been able to benefit from Quantitative Analysis and Decision Science (QUADS) techniques in this context. In this paper we present an Agile RE tool, Decisively, which brings a new perspective to automation in the RE process through application of QUADS to address Requirement Discovery, Analysis, Estimation and Prioritization. Techniques explored in Decisively include Analytical Hierarchical Process (AHP) for prioritization and estimation, Lorenz function to shortlist user stories by analyzing the distribution of votes, Box Plot Analysis to predict velocity, and Text Mining to discover implied requirements from documents.

Video
VARED: Verification and Analysis of Requirements and Early Designs
Julia Badger, David Throop, and Charles Claunch
(NASA, USA; Boeing, USA)
Requirements are a part of every project life cycle; everything going forward in a project depends on them. The VARED tool chain aims to provide an integrated environment to analyze and verify the requirements and early design of a system. Natural language requirements are processed automatically into formal specifications using a state model of the system under design and its environment. The specifications are formally checked and then are used to verify the controller model meets the requirements.

Structured Multi-view Modeling by Tabular Notation
Xiuna Zhu, Dongyue Mou, and Daniel Ratiu
(TU München, Germany; fortiss, Germany)
The growth of software complexity and high degree of dependencies between functionalities motivates the use of models during requirements engineering. Hence, readability and comprehensibility of currently requirements specification techniques should be increased. Additionally, multi-view modeling and tabular expression are widely accepted techniques in requirements documentation. We present a tool that allows structured multi-view modeling of the behavior of the system by means of tabular notation. Our tool provides various table patterns to support different behavior views, which leverage the advantages of tabular specification, e.g., unambiguous, precise, and easier to read, analyses and communicate. Our aim is to reduce the complexity in the development of software systems.

Video
Efficient Visual Notations for Efficient Stakeholder Communication
Ralf Laue, Frank Hogrebe, Boris Böttcher, and Markus Nüttgens
(University of Applied Sciences Zwickau, Germany; Hessische Hochschule für Polizei und Verwaltung Wiesbaden, Germany; University of Hamburg, Germany)
The visual syntax of modelling languages can support (or impede) the intuitive understandability of a model. We observed the process of problem solving with two notation variants of i* diagrams by means of an eye-tracking device. The number of wrongly answered questions was significantly lower when the alternative i* notation suggested by Moody et al. was used. For the eye-tracking metrics "time to solve a task" and "number of eye fixations", no such significant result can be given. Furthermore, we identified a deficiency for the "dependency" symbol in the alternative notation.

Symbolic Verification of Requirements in VRS System
Oleksandr Letychevskyi and Thomas Weigert
(Glushkov Institute of Cybernetics, Ukraine; Uniquesoft LLC, USA)
VRS (Verification Requirements Specifications) system is a tool for processing formal requirements during the initial stage of software, hardware, or system development. Symbolic modeling and deductive methods are used for detection of issues such as safety violations, deadlocks, nondeterminism, or livelocks. The formal representation of requirements also supports the generation of test suites as well as the synthesis of a design model.

Video
Business Application Modeler: A Process Model Validation and Verification Tool
Sören Witt, Sven Feja, Andreas Speck, and Christian Hadler
(Kiel University, Germany)
(Business) Process models are common artifacts in requirements engineering. The models can be enriched with plenty of (detailed) information and their at least semi formal character even enables model driven approaches or direct execution in workflow engines. Validity of process models is crucial. Manual checking is expensive and error-prone, especially for requirements that regard the content level (e.g. compliance). To enable automated checking, an adequate method for formal specification is necessary. We present the Business Application Modeler (BAM), which is a modeling and Validation & Verification tool that integrates modeling of processes and formal graphical validation rules. These rules can be automatically applied to process models. In particular, the modeler is supported by visualizations of checking results directly in the process models. Next to highlighting mechanisms this support includes recommendations for the correction of errors.

Video

Industry Track

Lightweight RE Methods
Wed, Aug 27, 10:30 - 12:00, J1620 (Chair: David Callele)

Handling Design-Level Requirements across Distributed Teams: Developing a New Feature for 12 Danish Mobile Banking Apps
Lars Bruun, Mikkel Bovbjerg Hansen, Jørgen Bøndergaard Iversen, Jens Bæk Jørgensen, and Bjarne Knudsen
(Bankdata, Denmark; Mjølner Informatics, Denmark)
Bankdata and Mjølner have cooperated in the development of a new feature for 12 Danish mobile banking apps. Bankdata is the main system provider and Mjølner is subcontractor. Different teams from Bankdata have collected requirements, developed the necessary backend and middleware software, and designed the user interface. One team from Mjølner has implemented the app feature. The cooperation between the teams was centered around design-level requirements. Our contribution is to describe and discuss a number of lessons learned regarding requirements representations, requirements tools, and cooperation process; we have faced challenges, which were amplified by our distributed teams set-up. We also briefly describe a number of initiatives we have launched recently to alleviate the problems and improve the handling of design-level requirements in our future cooperation.

Experience of Pragmatically Combining RE Methods for Performance Requirements in Industry
Rebekka Wohlrab, Thijmen de Gooijer, Anne Koziolek, and Steffen Becker
(ABB Research, Sweden; KIT, Germany; University of Paderborn, Germany)
To meet end-user performance expectations, precise performance requirements are needed during development and testing, e.g., to conduct detailed performance and load tests. However, in practice, several factors complicate performance requirements elicitation: lacking skills in performance requirements engineering, outdated or unavailable functional specifications and architecture models, the specification of the system's context, lack of experience to collect good performance requirements in an industrial setting with very limited time, etc. From the small set of available non-functional requirements engineering methods, no method exists that alone leads to precise and complete performance requirements with feasible effort and which has been reported to work in an industrial setting. In this paper, we present our experiences in combining existing requirements engineering methods into a performance requirements method called PROPRE. It has been designed to require no up-to-date system documentation and to be applicable with limited time and effort. We have successfully applied PROPRE in an industrial case study from the process automation domain. Our lessons learned show that the stakeholders gathered good performance requirements which now improve performance testing.

Lightweight Requirements Engineering Assessments in Software Projects
Daniel Rapp, Anne Hess, Norbert Seyff, Peter Spörri, Emmerich Fuchs, and Martin Glinz
(Zühlke Management Consultants, Switzerland; Fraunhofer IESE, Germany; University of Zurich, Switzerland)
Requirements engineering (RE) is widely recognized as a crucial factor for the success of software projects. Therefore, companies often request assessments of RE processes and resulting artifacts to identify issues and improvement potential. However, industry claims that current assessment approaches do not always fulfill their needs regarding efficiency and effectiveness. Motivated by needs of both, companies asking for an assessment, and a company in the role of an assessor, we have developed a lightweight, tool-supported RE assessment approach. Apart from presenting the approach, we also discuss early experiences we gained from applying our assessment approach in real-world industrial projects.

Stakeholder Collaboration
Wed, Aug 27, 13:30 - 15:00, J1620 (Chair: Sami Jantunen)

Capturing and Sharing Domain Knowledge with Business Rules: Lessons Learned from a Global Software Vendor
Walid Maalej and Smita Ghaisas
(University of Hamburg, Germany; Tata Consultancy Services, India)
Business rules represent constraints in a domain, which need to be taken into account either during the development or the usage of a system. Motivated by the knowledge reuse potentials when developing systems within the same domain, we studied business rules in a large software company. We interviewed 11 experienced practitioners on how they understand, capture, and use business rules. We also studied the role of business rules in requirements engineering in the host organization. We found that practitioners have a very broad perception for this term, ranging from flows of business processes to directives for calling external system interfaces. We identified 27 types of rules, which are typically captured as a free text in requirements documents and other project documentation. Practitioners stated the need to capture this tacit form of domain knowledge and to trace it to other artifacts as it impacts all activities in a software engineering project. We distill our results in 17 findings and discuss the implications for researchers and practitioners.

Building a National E-Service using Sentire: Experience Report on the Use of Sentire: A Volere-Based Requirements Framework Driven by Calibrated Personas and Simulated User Feedback
Chris Porter, Emmanuel Letier, and M. Angela Sasse
(University College London, UK)
User experience (UX) is difficult to quantify and thus more challenging to require and guarantee. It is also difficult to gauge the potential impact on users’ lived experience, especially at the earlier stages of the development life cycle, particularly before hi fidelity prototypes are developed. We believe that the enrolment process is a major hurdle for e-government service adoption and badly designed processes might result in negative repercussions for both the policy maker and the different user groups involved; non-adoption and resentment are two risks that may result in low return on investment (ROI), lost political goodwill and ultimately a negative lived experience for citizens. Identity assurance requirements need to balance out the real value of the assets being secured (risk) with the user groups’ acceptance thresholds (based on a continuous cost-benefit exercise factoring in cognitive and physical workload). Sentire is a persona-centric requirements framework built on and extending the Volere requirements process with UX-analytics, reusable user behavioural models and simulated user feedback through calibrated personas. In this paper we present a story on how Sentire was adopted in the development of a national public-facing e-service. Daily journaling was used throughout the project and a custom built cloud-based CASE tool was used to manage the whole process. This paper outlines our experiences and lessons learnt.

Video
Competition and Collaboration in Requirements Engineering: A Case Study of an Emerging Software Ecosystem
George Valença, Carina Alves, Virgínia Heimann, Slinger Jansen, and Sjaak Brinkkemper
(Federal Rural University of Pernambuco, Brazil; Federal University of Pernambuco, Brazil; Utrecht University, Netherlands)
Increasingly, small to medium software producing organisations are working together in collaboration networks to supply complex compositions of their products and services to customers. In this paper, we present a case study of two software companies that are evolving their partnership towards the creation of a software ecosystem. We investigate the impacts of their tightening partnership on software product management, with a focus on requirements engineering practices. We observe that the requirements definition and negotiation processes are directly affected by their fluid collaborative and competitive relationships. Power disputes, volatile roles and mismatches in release synchronisation are also aspects observed in the studied software ecosystem. We extract several observations from the case study that support small to medium software firms in making decisions within their software ecosystem.

The Effect of Variability Modeling on Requirements Satisfaction for the Configuration and Implementation of Off-The-Shelf Software Packages
Amanda Rubython and Neil Maiden
(City&Guilds Kineo, UK; City University London, UK)
An industrial experience of the use of a method for discovering customer requirements with which to configure an off-the-shelf software package for implementation is reported. The method uses an adapted form of product variability model to provide common ground between the customer and supplier about requirements and capabilities. An associated decision support software tool guides the supplier and customer through a model-based walkthrough to discover new requirements, based on equivalent capabilities described in the product variability model. We applied the method in the work processes of the commercial provider of a software-based learning management system, and collected quantitative and qualitative data from supplier-customer interactions. Our first experienc-es with the method led to an increased exposure and expression of customer requirements in the customer-supplier dialogue, compared to the baseline dialogue during software package demonstrations. The paper also reports some first lessons learned to improve the method and adopt its use with other software supplier organizations.

RE in Practice: Experiences from the Field I
Wed, Aug 27, 15:30 - 17:00, J1620 (Chair: Smita Ghaisas)

Modelling Sustainability in a Procurement System: An Experience Report
Camilla Bomfim, Wesley Nunes, Leticia Duboc, and Marcelo Schots
(State University of Rio de Janeiro, Brazil; Federal University of Rio de Janeiro, Brazil)
Sustainability is one of the main driving forces in our society. IT can also contribute to sustainable development, which goes beyond the energy consumed to produce and run the software product. Software is normally part of a wider context, social-technical systems, whose development can have a significant impact on the sustainability of its surroundings. A particular type of system with considerable sustainability impact are procurement systems. They normally affect the three pillars of sustainability: social, economic and environmental. This paper describes an experience on using goal modelling to incorporate sustainability into the procurement system of a large multinational energy company. The study highlights the advantages and challenges of introducing sustainability into private procurement systems, as well as the suitability of the technique for such a purpose. We believe this experience and its resulting model can be useful to other companies wishing to implement sustainable procurement processes.

A Case Study using a Protocol to Derive Safety Functional Requirements from Fault Tree Analysis
Luiz Eduardo Galvão Martins and Tiago de Oliveira
(Federal University of São Paulo, Brazil)
State-of-the-art in Requirements Engineering offers many frameworks and techniques to enable requirements engineers in their work. However, for critical systems there are gaps in state-of-the-art, and these can result in dire consequences, potentially putting lives in danger and damage infrastructure and threaten the environment. A well known technique used to help requirements engineers to understand safety hazards situations in the context of safety-critical software is Fault Tree Analysis (FTA). This technique is a good one to decompose hazards identified in the system context into events that may put the system functionalities in risk. However, FTA does not offer a protocol of how to derive safety functional requirements from fault trees. In this paper we present a case study adopting a protocol to help requirements engineers to derive safety functional requirements from FTA. The proposed protocol was based on a study performed in a Brazilian company in the area of electronic medical devices. The development of prototype of a low cost insulin infusion pump, which is a critical system, offered the basis to propose and test a protocol to derive safety functional requirements from FTA. During the case study we collected evidences that help us to discuss if FTA is sufficient to guide software engineers to implement the corresponding control software and also if FTA offers enough information to help requirements engineers to derive safety functional requirements.

The DODT Tool Applied to Sub-Sea Software
Tor Stålhane and Tormod Wien
(Norwegian University of Science and Technology, Norway; ABB Research, Norway)
Using natural language is still a common form of writing software requirements. Tools and techniques to improve the quality of natural language requirements may give better results than attempts to convince industry to use something else. We have combined natural language requirements with tool support using boilerplates and domain ontologies, enabling detection of ambiguities and incompleteness in requirements. This paper reports on a case study where requirement analysts used the developed tool to analyze requirements for a safety-critical control system. The experience showed that people were able to use the tool to develop a domain ontology and apply boilerplates to describe requirements in a structured way, yielding requirements readable for humans and analyzable for the tool. The tool support improved the quality of requirements by reducing ambiguities and inconsistent use of terminology, removing redundant requirements, and improving partial and unclear requirements.

RE in Practice: Experiences from the Field II
Fri, Aug 29, 10:30 - 12:00, J1620 (Chair: Michael Panis)

Towards Feature-Oriented Requirements Validation for Automotive Systems
Jiale Zhou, Yue Lu, Kristina Lundqvist, Henrik Lönn, Daniel Karlsson, and Bo Liwång
(Mälardalen University, Sweden; Volvo, Sweden; Swedish Radiation Safety Authority, Sweden)
In the modern automotive industry, feature models have been widely used as a domain-specific requirements model, which can capture commonality and variability of a software product line through a set of features. Product variants can thus be configured by selecting different sets of features from the feature model. For feature-oriented requirements validation, the variability of feature sets often makes the hidden flaws such as behavioral inconsistencies of features, hardly to avoid. In this paper, we present an approach to feature-oriented requirements validation for automotive systems w.r.t both functional behaviors and non-functional properties. Our approach first starts with the behavioral specification of features and the associated requirements by following a restricted use case modeling approach, and then formalizes such specifications by using a formal yet literate language for analysis. We demonstrate the applicability of our approach through an industrial application of a vehicle locking-unlocking system.

Product Knowledge Configurator for Requirements Gap Analysis and Customizations
Preethu Rose Anish and Smita Ghaisas
(Tata Consultancy Services, India)
Product knowledge plays an important role in identifying the requirements of the desired variant and configuring the existing product to the present needs of a customer. The success of a product-based business depends to a great extent on how efficiently and accurately the existing product knowledge is utilized for customization needs. Oftentimes however, product knowledge resides with few key individuals in an organization. In the absence of their involvement, project teams may redevelop product features unnecessarily, resulting in an effort overhead. Such overdependence poses a risk to projects. To identify the requirements for the variants accurately and efficiently, we need to have a thorough knowledge of the existing product features. In this paper, we discuss our work on representing product knowledge and reusing it in a Requirements Engineering (RE) exercise for a large project involving product customization. We present our experience from using the configurator for requirements gap analysis and customizations.

Reassessing the Pattern-Based Approach for Formalizing Requirements in the Automotive Domain
Predrag Filipovikj, Mattias Nyberg, and Guillermo Rodriguez-Navas
(Mälardalen University, Sweden; Scania, Sweden)
The importance of using formal methods and techniques for verification of requirements in the automotive industry has been greatly emphasized with the introduction of the new ISO26262 standard for road vehicles functional safety. The lack of support for formal modeling of requirements still represents an obstacle for the adoption of the formal methods in industry. This paper presents a case study that has been conducted in order to evaluate the difficulties inherent to the process of transforming the system requirements from their traditional written form into semi-formal notation. The case study focuses on a set of non-structured functional requirements for the Electrical and Electronic (E/E) systems inside heavy road vehicles, written in natural language, and reassesses the applicability of the extended Specification Pattern System (SPS) represented in a restricted English grammar. Correlating this experience with former studies, we observe that, as previously claimed, the concept of patterns is likely to be generally applicable for the automotive domain. Additionally, we have identified some potential difficulties in the transformation process, which were not reported by the previous studies and will be used as a basis for further research.


Doctoral Symposium
Mon, Aug 25, 09:00 - 17:00, J1640-J1650 (Chair: Mats Heimdahl; Camille Salinesi)

From Architecture to Requirements: Relating Requirements and Architecture for Better Requirements Engineering
Feng Chen
(University of Limerick, Ireland; Lero, Ireland)
The importance of software requirements is widely acknowledged. However, many software projects still exhibit inadequate Requirements Engineering (RE) practice. More importantly, dealing with Non-Functional Requirements (NFRs) remains as a challenge for software practitioners. This research aims at advancing RE practice through the co-development of requirements and architecture by utilizing the relationship between Architecturally Significant Requirements (ASRs) and Architectural Design Decisions (ADDs).

Quantification of Social Sustainability in Software
Maryam Al Hinai
(University of Leicester, UK)
Software, as any other product, must be account for its effects on sustainability of its production and use environments. This research focuses on the social aspect of sustainable development. Currently, there are neither clear methods for evaluating social sustainability of a software system at requirements level nor a comprehensive set of metrics for social sustainability useable in requirements analysis. This research aims to develop a set of such metrics and an accompanying method for analyzing social sustainability requirements of software systems.

Improving Collaborative and Post-WIMP Systems through Requirements Specification
Miguel A. Teruel
(University of Castile–La Mancha, Spain)
A proper requirements specification is paramount for achieving the quality of the developed software products. However, well-known Requirements Engineering (RE) techniques lack of enough expressiveness to model the requirements of CSCW systems (Computer Supported Collaborative Work). This is due to the inherent complexity of collaboration among users and their need of awareness. Moreover, the way in which users interact with CSCW systems have evolved greatly to more sophisticated interfaces, beyond the classical desktop computer environments, to those called Post-WIMP (Windows, Icons, Menus, Pointer). Awareness is magnified in such a way that users have to be aware of their context: the artifacts with which to interact, his/her own capabilities as well as those of the others. All this awareness is necessary to allow them to collaborate in virtual and/or augmented environments. This PhD thesis aims at solving this problem by developing a RE framework able to deal with the requirements of CSCW and Post-WIMP systems, making emphasis on the awareness requirements about user’s context.

Video Info
Stakeholders' Social Interaction in Requirements Engineering of Open Source Software
Tanmay Bhowmik
(Mississippi State University, USA)
Requirements engineering (RE) involves human-centric activities that require interaction among different stakeholders. Traditionally, RE has been considered as a centralized, collocated, and phase-specific process. However, in open-source software (OSS) development environment, the core RE activities are iterative and dynamic and follow a rather decentralized software engineering paradigm. This crosscutting characteristic of open-source RE can be conceptualized using the "Twin Peaks" model that weaves RE together with software architecture. Although many weaving mechanisms have been proposed in recent years, lack of theoretical underpinning limits a mechanism's applicability and usefulness in different scenarios. In this research proposal, we hypothesize stakeholders' social interaction as an ecologically valid weaving mechanism of the "Twin Peaks" in open-source RE. We further outline a concrete research plan to examine the generalizability of this weaving mechanism for three activities: requirements identification, requirements implementation, and creativity in RE. Carrying out this research plan will enable us to gain valuable insights to generate guidelines for enhancing software engineering practice in relevant areas.

Aligning Services and Requirements with User Feedback
Muneera Bano
(University of Technology Sydney, Australia)
For analysts the alignment between the requirements and the available services presents a significant challenge in service oriented paradigm. To address this challenge various technical solutions have already been proposed. Although technical issues play an important role in this selection but organizational and social factors are equally as important in selecting an optimally aligned service for a specific requirement. The users of services are mostly ignored in the alignment process. User feedback analysis has recently gained a lot of research focus, but these benefits have not been fully explored and utilized in service oriented software development. In this paper I present a method for aligning services to requirements that is designed using the Situational Method Engineering approach and it incorporates user feedback about the services. This feedback assists the analysts in extracting required information for making informed decisions while selecting services among available options that satisfies both the user requirements and customer preferences. The method is supported by a proposed tool. The method and the supporting tool will be validated by a controlled experiment and focus group feedback from the practitioners.

Requirements Development and Management of Embedded Real-Time Systems
Jiale Zhou
(Mälardalen University, Sweden)
It is well recognized that most of the anomalies, discovered in the development of embedded real-time systems, belong to requirement and specification phases. To ease the situation, many efforts have been investigated into the area. For requirements development, especially requirements validation and verification, model-driven architecture techniques can be considered as a cost-efficient solution. In order to utilize such advantages, the design of the proposed system is often specified in terms of analyzable models at the certain level of abstraction. Further, different levels of requirements are translated into verifiable queries and fed into the models to be either validated or verified. For requirements management, requirements traceability provides critical support for performing change impact analysis, risk analysis, regression testing, etc. In this thesis, we cover several topics about requirements validation, requirements verification, and requirements traceability. In particular, the technical contributions are three-fold: 1) we propose an approach to requirements validation by using the extended Timed Abstract State Machine (TASM) language with newly defined TASM constructs and, 2) we present a simulation-based method which is powered up by statistical techniques to conduct requirements verification, working with industrial applications and, 3) we introduce an improved VSM-based requirements traceability recovery approach using a novel context analysis. Further, we have demonstrated the applicability of our contributions in real world usage through various case studies.

Context-Sensitive Information Security Risk Identification and Evaluation Techniques
Dan Ionita
(University of Twente, Netherlands)
The objective of my research is to improve and support the process of Information security Risk Assessment by designing a scalable Risk argumentation framework for socio-digital- technical Risk. Due to the various types of IT systems, diversity of architectures and dynamic nature of Risk, there is no one-size-fits all RA method. As such, the research hopes to identify guidelines for conducting Risk Assessments in contexts that raise special challenges such as Telecom and virtualized infrastructures. Finally, it will suggest ways of qualitatively and quantitatively evaluating Information Security Risks in such scenarios by using argumentation and/or modelling attacker business cases.

Business Processes and Regulations Compliance Management Technology
Ilze Buksa
(Riga Technical University, Latvia)
Organizations must comply with a number of external and internal regulations for business governance and must ensure that their processes are running accordingly to requirements of regulations. Therefore business process and regulations compliance analysis audit and management tasks take a very important role in daily operational activities for each organization. Due to high complexity this task can become challenging. In some domains regulations are changing rapidly. Process models must be flexible and easy adjustable to changing requirements, since the lack of ability to comply with regulations can lower down the competitiveness of an organizations. Thus, rapid changes of regulations require rapid changes of related business processes. The goal of the PhD work is to develop business process and regulations compliance management technology which should enable business process construction from regulations and change monitoring of regulations and business processes to ensure easy and rapid modification of business process model or regulations, thus also ensuring compliance.

Creative Strategic Scenarios for Preparation to Requirements Evolution
Marília Guterres Ferreira
(PUC-Rio, Brazil)
The focus of this research is Creative Strategic Scenarios as predictive models of software evolution for socio-technical systems in organizations. This research seeks to combine theories of Strategic Planning and Creativity to generate strategic scenarios that could predict Organizational Changes. The work will integrate scenarios and the i* goal modelling mechanism to analyse the impacts of organizational change through strategic scenarios.


Panel

Ready-Set-Transfer! Technology Transfer in the Requirements Engineering Domain (Panel)
Jane Huffman Hayes and Didar Zowghi
(University of Kentucky, USA; University of Technology Sydney, Australia)
Though the primary goal of requirements engineering research is to propose, develop, and validate effective solutions for important practical problems, practice has shown that successful projects take from 20-25 years to reach full industry adoption, while many projects fade and never advance beyond the initial research phase. In this interactive panel, teams of researchers, representing different requirements engineering research areas, bring ideas for technology transfer to a panel of industrial and government practitioners. The teams make interactive presentations and receive feedback from panelists. Beneath the game-show genre of the panel is the serious goal to foster conversation between practitioners and researchers to improve the effectiveness of technology transfer in the requirements engineering community.

proc time: 1.49