37 Hits in 1.7 sec

Cross-project Classification of Security-related Requirements [article]

Mazen Mohamad and Jan-Philipp Steghöfer and Riccardo Scandariato
2020 arXiv   pre-print
We investigate the feasibility of using a classifier for security-related requirements trained on requirement specifications available online. This is helpful in case different requirement types are not differentiated in a large existing requirement specification. Our work is motivated by the need to identify security requirements for the creation of security assurance cases that become a necessity for many organizations with new and upcoming standards like GDPR and HiPAA. We base our
more » ... base our investigation on ten requirement specifications, randomly selected from a Google Search and partially pre-labeled. To validate the model, we run 10-fold cross-validation on the data where each specification constitutes a group. Our results indicate the feasibility of training a model from a heterogeneous data set including specifications from multiple domains and in different styles. However, performance benefits from revising the pre-labeled data for consistency. Additionally, we show that classifiers trained only on a specific specification type fare worse and that the way requirements are written has no impact on classifier accuracy.
arXiv:2003.14134v1 fatcat:xhv3yzlmpvhmtklvviqnatgvoi

Special issue: Trust management

Babak Esfandiari, Jan-Philipp Steghöfer
2018 Web Intelligence: an international journal  
This special issue includes two high quality papers on the recent advances in trust management. These papers are extended versions of selected papers accepted at
doi:10.3233/web-180392 fatcat:mmc32rc2bfe6nej7gg2jf37shq

Constraint Relationships for Soft Constraints [chapter]

Alexander Schiendorfer, Jan-Philipp Steghöfer, Alexander Knapp, Florian Nafz, Wolfgang Reif
2013 Research and Development in Intelligent Systems XXX  
We introduce constraint relationships as a means to define qualitative preferences on the constraints of soft constraint problems. The approach is aimed at constraint satisfaction problems (CSPs) with a high number of constraints that make exact preference quantizations hard to maintain manually or hard to anticipateespecially if constraints or preferences change at runtime or are extracted from natural language text. Modelers express preferences over the satisfaction of constraints with a
more » ... traints with a clear semantics regarding preferred tuples without assigning priorities to concrete domain values. We show how a CSP including a set of constraint relationships can linearly be transformed into a k-weighted CSP as a representative of c-semirings that is solved by widely available constraint solvers and compare it with existing techniques. We demonstrate the approach by using a typical example of a dynamic and interactive scheduling problem in AI. P r e p r i n t O n l y Preprint only. Manuscript accepted for publication in Proc. SGAI 2013 can never give two lectures at the same time. We might prefer solutions that do not include Friday afternoon lectures. Real-world problems tend to become too rigid as problems become overconstrained due to additional constraints representing preferences. Pioneering approaches to this problem either change the problem by relaxing existing constraints by adding domain values as in Partial CSP [11] or look for solutions that fulfill as many constraints as possible as in MaxCSP [13] . Usually, we are interested in assignments that satisfy all mandatory constraints, and enable preferences as well as possible. We present a qualitative formalism that enables to make statements such as "We prefer a solution that violates constraint X and satisfies Y to another one that violates Y but satisfies X". Our contribution consists of two parts. First, we propose constraint relationships that provide a useful and time-saving modeling and elicitation tool to abstractly denote preferences. We illustrate their usage by analyzing scenarios for a typical example of the scheduling problem. Second, we give a transformation into a kweighted CSP that respects the dominance properties we formalized and can be used with off-the-shelf constraint solvers.
doi:10.1007/978-3-319-02621-3_17 dblp:conf/sgai/SchiendorferSKNR13 fatcat:vyhhxixhcfca7hlkqqjyiqhbee

Model-Driven Requirements for Humans-on-the-Loop Multi-UAV Missions [article]

Ankit Agrawal, Jan-Philipp Steghofer, Jane Cleland-Huang
2020 arXiv   pre-print
The use of semi-autonomous Unmanned Aerial Vehicles (UAVs or drones) to support emergency response scenarios, such as fire surveillance and search-and-rescue, has the potential for huge societal benefits. Onboard sensors and artificial intelligence (AI) allow these UAVs to operate autonomously in the environment. However, human intelligence and domain expertise are crucial in planning and guiding UAVs to accomplish the mission. Therefore, humans and multiple UAVs need to collaborate as a team
more » ... aborate as a team to conduct a time-critical mission successfully. We propose a meta-model to describe interactions among the human operators and the autonomous swarm of UAVs. The meta-model also provides a language to describe the roles of UAVs and humans and the autonomous decisions. We complement the meta-model with a template of requirements elicitation questions to derive models for specific missions. We also identify common scenarios where humans should collaborate with UAVs to augment the autonomy of the UAVs. We introduce the meta-model and the requirements elicitation process with examples drawn from a search-and-rescue mission in which multiple UAVs collaborate with humans to respond to the emergency. We then apply it to a second scenario in which UAVs support first responders in fighting a structural fire. Our results show that the meta-model and the template of questions support the modeling of the human-on-the-loop human interactions for these complex missions, suggesting that it is a useful tool for modeling the human-on-the-loop interactions for multi-UAVs missions.
arXiv:2009.10267v1 fatcat:mjb4fegasbdy5dw4ij7cwvoyc4

Security Assurance Cases – State of the Art of an Emerging Approach [article]

Mazen Mohamad and Jan-Philipp Steghöfer and Riccardo Scandariato
2020 arXiv   pre-print
Security Assurance Cases (SAC) are a form of structured argumentation used to reason about the security properties of a system. After the successful adoption of assurance cases for safety, SACs are getting significant traction in recent years, especially in safety-critical industries (e.g., automotive), where there is an increasing pressure to be compliant with several security standards and regulations. Accordingly, research in the field of SAC has flourished in the past decade, with different
more » ... ade, with different approaches being investigated. In an effort to systematize this active field of research, we conducted a systematic literature review (SLR) of the existing academic studies on SAC. Our review resulted in an in-depth analysis and comparison of 51 papers. Our results indicate that, while there are numerous papers discussing the importance of security assurance cases and their usage scenarios, the literature is still immature with respect to concrete support for practitioners on how to build and maintain a SAC. More importantly, even though some methodologies are available, their validation and tool support is still lacking.
arXiv:2003.14151v1 fatcat:czh7tt6ufncw7dxice2p5mvgby

Security assurance cases—state of the art of an emerging approach

Mazen Mohamad, Jan-Philipp Steghöfer, Riccardo Scandariato
2021 Empirical Software Engineering  
Jan-Philipp Steghöfer is an associate professor at the Software Engineering Division of Chalmers University of Technology and the University of Gothenburg.  ...  Jan-Philipp has also worked on safety assessment and on agile software development in the automotive, medical, and avionics domain. Dr. Riccardo Scandariato received his PhD in Computer  ... 
doi:10.1007/s10664-021-09971-7 fatcat:sxa6pbmpbjdrhbqmiyl25okkzq

Involving External Stakeholders in Project Courses [article]

Jan-Philipp Steghöfer, Håkan Burden, Regina Hebig, Gul Calikli, Robert Feldt, Imed Hammouda, Jennifer Horkoff, Eric Knauss, Grischa Liebel
2018 arXiv   pre-print
Jan-Philipp Steghöfer, Chalmers | University of Gothenburg, Sweden Håkan Burden, RISE Viktoria, Sweden Regina Hebig, Gul Calikli, Robert Feldt, Chalmers | University of Gothenburg, Sweden Imed Hammouda  ...  TBD:4 Steghöfer et al.  ... 
arXiv:1805.01151v2 fatcat:tz6i3dkqyzhffod6ymq5ibbtkm

Partial Valuation Structures for Qualitative Soft Constraints [chapter]

Alexander Schiendorfer, Alexander Knapp, Jan-Philipp Steghöfer, Gerrit Anders, Florian Siefert, Wolfgang Reif
2015 Lecture Notes in Computer Science  
Soft constraints have proved to be a versatile tool for the specification and implementation of decision making in adaptive systems. A plethora of formalisms have been devised to capture different notions of preference. Wirsing et al. have proposed partial valuation structures as a unifying algebraic structure for several soft constraint formalisms, including quantitative and qualitative ones, which, in particular, supports lexicographic products in a broad range of cases. We demonstrate the
more » ... demonstrate the versatility of partial valuation structures by integrating the qualitative formalism of constraint relationships as well as the hybrid concept of constraint hierarchies. The latter inherently relies on lexicographic combinations, but it turns out that not all can be covered directly by partial valuation structures. We therefore investigate a notion for simulating partial valuation structures not amenable to lexicographic combinations by better suited ones. The concepts are illustrated by a case study in decentralized energy management. This research is partly sponsored by the German Research Foundation (DFG) in the project "OC-Trust" (FOR 1085). P r e p r i n t O n l y Preprint only. Manuscript accepted for publication in Springer LNCS 8950 error functions for constraints. So-called comparators define the ordering over assignments. By definition, constraint hierarchies tend to ignore all constraints on higher levels which leads to a strongly hierarchical evaluation. One satisfied constraint is possibly worth more than a whole set of other, violated constraints.
doi:10.1007/978-3-319-15545-6_10 fatcat:xd2oiu5gdbejlftxr7g32hdh5u

The state of adoption and the challenges of systematic variability management in industry

Thorsten Berger, Jan-Philipp Steghöfer, Tewfik Ziadi, Jacques Robin, Jabier Martinez
2020 Empirical Software Engineering  
Jan-Philipp participates in several European projects with a focus on software traceability and drives development of the open source traceability management tool Eclipse Capra.  ...  Jan-Philipp Fig. 1 1 Feature model example (Berger et al. 2014c) ), Deutsche Bank (Faust and Verhoef 2003b), Dialect Solutions (Staples and Hill 2004), E-COM (Liang et al. 2005), Ericsson (Mohagheghi  ...  Affiliations Thorsten Berger 1 · Jan-Philipp Steghöfer 1 · Tewfik Ziadi 2 · Jacques Robin 3 · Jabier Martinez 4  ... 
doi:10.1007/s10664-019-09787-6 fatcat:h77ikukjxff2tmprz6d23c37iu

Trust-Based Scenarios – Predicting Future Agent Behavior in Open Self-organizing Systems [chapter]

Gerrit Anders, Florian Siefert, Jan-Philipp Steghöfer, Wolfgang Reif
2014 Lecture Notes in Computer Science  
Agents in open self-organizing systems have to cope with a variety of uncertainties. In order to increase their utility and to ensure stable operation of the overall system, they have to capture and adapt to these uncertainties at runtime. This can be achieved by formulating an expectancy of the behavior of others and the environment. Trust has been proposed as a concept for this purpose. In this paper, we present trust-based scenarios as an enhancement of current trust models. Trust-based
more » ... s. Trust-based scenarios represent stochastic models that allow agents to take different possible developments of the environment's or other agents' behavior into account. We demonstrate that trust-based scenarios significantly improve the agents' capability to predict future behavior with a distributed power management application.
doi:10.1007/978-3-642-54140-7_8 fatcat:xtmahulc5jcfxe6ow5uvfk7gma

Synthesised Constraint Models for Distributed Energy Management

Alexander Schiendorfer, Jan-Philipp Steghöfer, Wolfgang Reif
2014 Proceedings of the 2014 Federated Conference on Computer Science and Information Systems  
Resource allocation is a task frequently encountered in energy management systems such as the coordination of power generators in a virtual power plant (unit commitment). Standard solutions require fixed parametrised optimisation models that the participants have to stick to without leaving room for tailored behaviour or individual preferences. We present a modelling methodology that allows organisations to specify optimisation goals independently of concrete participants and participants to
more » ... participants to craft more detailed models and state individual preferences. While considerable efforts have been spent on devising efficient control algorithms and detailed physical models in power management systems, practical aspects of unifying several heterogeneous models for optimisation have been widely ignored -a gap we aim to close. As a by-product, we give a formulation of warm and cold start-up times for power plants that improves existing power plant models. The concepts are detailed with the loaddistribution problem faced in virtual power plants and evaluated on several random instances where we observe that a significant number of soft constraints of individual actors can be satisfied if considered. I. CONSTRAINT OPTIMISATION PROBLEMS IN POWER SYSTEMS R ESOURCE allocation and scheduling are difficult problems that occur frequently in energy systems, be it the coordination of power generation [1], demand-side management, or building control software. In a producer-based view, supply needs to meet the demand as accurately as possible in order to guarantee stability and avoid costs incurred by corrective measures. Similarly, consumers may try to find cost-minimising schedules for processes required throughout a day with respect to time-dependent energy prices. Current initiatives 1 are based on the assumption that groups of prosumers (i.e., energy producers and/or consumers) can form and team up to achieve better prices or production rates for their participants. We also adopt the notion of agents, indicating that the prosumers are in principle autonomous entities, even if they surrender the decision about their power output to the group. A straightforward solution (see, e.g., [2], [3], [4], [5] ) to this resource allocation problem is to model the decision making process (e.g., distributing the load in a virtual power plant (VPP) or scheduling energy-consuming domestic processes in a consumer coalition) as a mathematical optimisation problem such as a mixed integer program (MIP), a linear program 1 cf. for consumer alliances or http: // for virtual power plants (LP) or as a constraint satisfaction and optimisation problem (CSOP) as done by industrial distributed energy management tools such as Siemens DEMS [6] or PLEXOS Integrated Energy Model [7] . DEMS is used, e.g., by the municipal utility of the city of Munich for controlling a VPP [8] . In essence, the problem is specified in terms of (decision) variables, their associated domains, and constraints that regulate which assignments are valid. The task accomplished by the respective solvers is then to assign values to all variables such that no constraint is violated and an optimisation objective is minimised (or maximised). Typically, such tools (DEMS in particular) offer a predefined range of agent types such as energy generators, storages, or controllable loads. Users may then specify the topology of their energy system to calculate optimized power schedules. A concrete power generator is thus essentially represented by one tuple in a data repository containing the parameters defining its behaviour. Consequently, the provided models constitute a static one-for-all solution that needs to encompass all supported characteristics of power generators, including, e.g., time-dependent properties such as inertia. Clearly, power generators show varying characteristics such as change rates, cool or warm start-up times or power boundaries depending on, e.g., the power plant type or manufacturer. Parametrised models as described above cannot support this variety. At some point the model has to be fixed for all participants and individual variables necessary to model a certain constraint cannot be added. To overcome this limitation, we suggest to synthesise an optimisation problem from several individual models. Such synthesised models allow for individual preferences (typically in the form of knowledge acquired by power plant operators such as economically optimal production ranges or limited ramp-up or -down of a generator) and separate modelling of the organisational optimisation problem and physical models of individual participants -properties that are attractive for organisations as more clients can be served as well as for individual participants as they can influence the assigned plans. This methodology is not only nice to have in multi-agent systems, where optimisation problems result from a combination of several sub-problems -it is necessary. Our contribution leads to a methodology that offers: 1) support for heterogeneous prosumers requiring specific sets of variables; 2) isolated modelling of physical components; 3) clean separation of the organisational aspects such as
doi:10.15439/2014f49 dblp:conf/fedcsis/SchiendorferSR14 fatcat:35g6xihwbjdufbiim6l4sv242y

Challenges of Scaled Agile for Safety-Critical Systems [chapter]

Jan-Philipp Steghöfer, Eric Knauss, Jennifer Horkoff, Rebekka Wohlrab
2019 Lecture Notes in Computer Science  
Automotive companies increasingly adopt scaled agile methods to allow them to deal with their organisational and product complexity. Suitable methods are needed to ensure safety when developing automotive systems. On a small scale, R-Scrum and SafeScrum are two concrete suggestions for how to develop safety-critical systems using agile methods. However, for large-scale environments, existing frameworks like SAFe or LeSS do not support the development of safety-critical systems out of the box.
more » ... s out of the box. We, therefore, aim to understand which challenges exist when developing safety-critical systems within large-scale agile industrial settings, in particular in the automotive domain. Based on an analysis of R-Scrum and SafeScrum, we conducted a focus group with three experts from industry to collect challenges in their daily work. We found challenges in the areas of living traceability, continuous compliance, and organisational flexibility. Among others, organisations struggle with defining a suitable traceability strategy, performing incremental safety analysis, and with integrating safety practices into their scaled way of working. Our results indicate a need to provide practical approaches to integrate safety work into large-scale agile development and point towards possible solutions, e.g., modular safety cases. Keywords: Scaled Agile, Safety-Critical Systems, Software Processes, R-Scrum, SafeScrum
doi:10.1007/978-3-030-35333-9_26 fatcat:jcto2i7edjgkxhptiforekgovu

Collaborative traceability management: a multiple case study from the perspectives of organization, process, and culture

Rebekka Wohlrab, Eric Knauss, Jan-Philipp Steghöfer, Salome Maro, Anthony Anjorin, Patrizio Pelliccione
2018 Requirements Engineering  
Traceability is crucial for many activities in software and systems engineering including monitoring the development progress, and proving compliance with standards. In practice, the use and maintenance of trace links are challenging as artifacts undergo constant change, and development takes place in distributed scenarios with multiple collaborating stakeholders. Although traceability management in general has been addressed in previous studies, there is a need for empirical insights into the
more » ... insights into the collaborative aspects of traceability management and how it is situated in existing development contexts. The study reported in this paper aims to close this gap by investigating the relation of collaboration and traceability management, based on an understanding of characteristics of the development effort. In our multiple exploratory case study, we conducted semistructured interviews with 24 individuals from 15 industrial projects. We explored which challenges arise, how traceability management can support collaboration, how collaboration relates to traceability management approaches, and what characteristics of the development effort influence traceability management and collaboration. We found that practitioners struggle with the following challenges: (1) collaboration across team and tool boundaries, (2) conveying the benefits of traceability, and (3) traceability maintenance. If these challenges are addressed, we found that traceability can facilitate communication and knowledge management in distributed contexts. Moreover, there exist multiple approaches to traceability management with diverse collaboration approaches, i.e., requirements-centered, developer-driven, and mixed approaches. While traceability can be leveraged in software development with both agile and plan-driven paradigms, a certain level of rigor is needed to realize its benefits and overcome challenges. To support practitioners, we provide principles of collaborative traceability management. The main contribution of this paper is empirical evidence of how culture, processes, and organization impact traceability management and collaboration, and principles to support practitioners with collaborative traceability management. We show that collaboration and traceability management have the potential to be mutually beneficial-when investing in one, also the other one is positively affected.
doi:10.1007/s00766-018-0306-1 fatcat:7hgirnfpwrdrvexsfjgdflypku

Model-driven synthesis of monitoring infrastructure for reliable adaptive multi-agent systems

Benedikt Eberhardinger, Jan-Philipp Steghofer, Florian Nafz, Wolfgang Reif
2013 2013 IEEE 24th International Symposium on Software Reliability Engineering (ISSRE)  
Knowledge about the current state of the system serves at least two purposes: it is the basis for decisions to act and adapt to ensure reliable operation and it can be used to verify the correctness of the system at runtime. Both purposes require that current information is available at runtime that can be evaluated. Thus, the system designers have to create a complex monitoring infrastructure that suits the purposes of the system. We propose a combination of proven techniques that can be used
more » ... s that can be used as the basis for such a monitoring infrastructure. We combine it with a model-driven approach that allows a model transformation of information contained in the requirements and design documents to implementations of observers and controllers that allow adaptation at runtime based on current information as well as runtime verification. The approach can be easily integrated into an iterative-incremental software engineering process and is illustrated with two complex case studies.
doi:10.1109/issre.2013.6698901 dblp:conf/issre/EberhardingerSNR13 fatcat:k7vkncntjzgxrb4uqkytn7tdxm

Synthesis and Abstraction of Constraint Models for Hierarchical Resource Allocation Problems

Alexander Schiendorfer, Jan-Philipp Steghöfer, Wolfgang Reif
2014 Proceedings of the 6th International Conference on Agents and Artificial Intelligence  
Its structure changes in response to new information and changing conditions to enable each AVPP to balance its power demand and production (consequently forming the hierarchy as described in Steghöfer  ... 
doi:10.5220/0004757700150027 dblp:conf/icaart/SchiendorferSR14 fatcat:gjixtmarcvevbddxzrnfzwpjm4
« Previous Showing results 1 — 15 out of 37 results