We investigate the feasibility of using a classifier for security-related requirements trained on requirement specifications available online. This is helpful in case different requirement types are not differentiated in a large existing requirement specification. Our work is motivated by the need to identify security requirements for the creation of security assurance cases that become a necessity for many organizations with new and upcoming standards like GDPR and HIPAA. We base our investigation on ten requirement specifications, randomly selected from a Google Search and partially pre-labeled. To validate the model, we run 10-fold cross-validation on the data where each specification constitutes a group. Our results indicate the feasibility of training a model from a heterogeneous data set including specifications from multiple domains and in different styles. However, performance benefits from revising the pre-labeled data for consistency. Additionally, we show that classifiers trained only on a specific specification type fare worse and that the way requirements are written has no impact on classifier accuracy.
arXiv:2003.14134v1 fatcat:xhv3yzlmpvhmtklvviqnatgvoi
This special issue includes two high quality papers on the recent advances in trust management. These papers are extended versions of selected papers accepted at
doi:10.3233/web-180392 fatcat:mmc32rc2bfe6nej7gg2jf37shq
Research and Development in Intelligent Systems XXX
We introduce constraint relationships as a means to define qualitative preferences on the constraints of soft constraint problems. The approach is aimed at constraint satisfaction problems (CSPs) with a high number of constraints that make exact preference quantizations hard to maintain manually or hard to anticipate, especially if constraints or preferences change at runtime or are extracted from natural language text. Modelers express preferences over the satisfaction of constraints with a clear semantics regarding preferred tuples without assigning priorities to concrete domain values. We show how a CSP including a set of constraint relationships can linearly be transformed into a k-weighted CSP as a representative of c-semirings that is solved by widely available constraint solvers and compare it with existing techniques. We demonstrate the approach by using a typical example of a dynamic and interactive scheduling problem in AI.
doi:10.1007/978-3-319-02621-3_17 dblp:conf/sgai/SchiendorferSKNR13 fatcat:vyhhxixhcfca7hlkqqjyiqhbee
Preprint only. Manuscript accepted for publication in Proc. SGAI 2013.
can never give two lectures at the same time. We might prefer solutions that do not include Friday afternoon lectures. Real-world problems tend to become too rigid as problems become overconstrained due to additional constraints representing preferences. Pioneering approaches to this problem either change the problem by relaxing existing constraints by adding domain values as in Partial CSP or look for solutions that fulfill as many constraints as possible as in MaxCSP. Usually, we are interested in assignments that satisfy all mandatory constraints, and enable preferences as well as possible. We present a qualitative formalism that enables statements such as "We prefer a solution that violates constraint X and satisfies Y to another one that violates Y but satisfies X". Our contribution consists of two parts. First, we propose constraint relationships that provide a useful and time-saving modeling and elicitation tool to abstractly denote preferences. We illustrate their usage by analyzing scenarios for a typical example of the scheduling problem. Second, we give a transformation into a k-weighted CSP that respects the dominance properties we formalized and can be used with off-the-shelf constraint solvers.
The use of semi-autonomous Unmanned Aerial Vehicles (UAVs or drones) to support emergency response scenarios, such as fire surveillance and search-and-rescue, has the potential for huge societal benefits. Onboard sensors and artificial intelligence (AI) allow these UAVs to operate autonomously in the environment. However, human intelligence and domain expertise are crucial in planning and guiding UAVs to accomplish the mission. Therefore, humans and multiple UAVs need to collaborate as a team to conduct a time-critical mission successfully. We propose a meta-model to describe interactions among the human operators and the autonomous swarm of UAVs. The meta-model also provides a language to describe the roles of UAVs and humans and the autonomous decisions. We complement the meta-model with a template of requirements elicitation questions to derive models for specific missions. We also identify common scenarios where humans should collaborate with UAVs to augment the autonomy of the UAVs. We introduce the meta-model and the requirements elicitation process with examples drawn from a search-and-rescue mission in which multiple UAVs collaborate with humans to respond to the emergency. We then apply it to a second scenario in which UAVs support first responders in fighting a structural fire. Our results show that the meta-model and the template of questions support the modeling of the human-on-the-loop human interactions for these complex missions, suggesting that it is a useful tool for modeling the human-on-the-loop interactions for multi-UAVs missions.
arXiv:2009.10267v1 fatcat:mjb4fegasbdy5dw4ij7cwvoyc4
Security Assurance Cases (SAC) are a form of structured argumentation used to reason about the security properties of a system. After the successful adoption of assurance cases for safety, SACs are getting significant traction in recent years, especially in safety-critical industries (e.g., automotive), where there is an increasing pressure to be compliant with several security standards and regulations. Accordingly, research in the field of SAC has flourished in the past decade, with different approaches being investigated. In an effort to systematize this active field of research, we conducted a systematic literature review (SLR) of the existing academic studies on SAC. Our review resulted in an in-depth analysis and comparison of 51 papers. Our results indicate that, while there are numerous papers discussing the importance of security assurance cases and their usage scenarios, the literature is still immature with respect to concrete support for practitioners on how to build and maintain a SAC. More importantly, even though some methodologies are available, their validation and tool support is still lacking.
arXiv:2003.14151v1 fatcat:czh7tt6ufncw7dxice2p5mvgby
Jan-Philipp Steghöfer is an associate professor at the Software Engineering Division of Chalmers University of Technology and the University of Gothenburg. ... Jan-Philipp has also worked on safety assessment and on agile software development in the automotive, medical, and avionics domain. Dr. Riccardo Scandariato received his PhD in Computer ...
doi:10.1007/s10664-021-09971-7 fatcat:sxa6pbmpbjdrhbqmiyl25okkzq
Jan-Philipp Steghöfer, Chalmers | University of Gothenburg, Sweden Håkan Burden, RISE Viktoria, Sweden Regina Hebig, Gul Calikli, Robert Feldt, Chalmers | University of Gothenburg, Sweden Imed Hammouda ... TBD:4 Steghöfer et al. ...
arXiv:1805.01151v2 fatcat:tz6i3dkqyzhffod6ymq5ibbtkm
Lecture Notes in Computer Science
Soft constraints have proved to be a versatile tool for the specification and implementation of decision making in adaptive systems. A plethora of formalisms have been devised to capture different notions of preference. Wirsing et al. have proposed partial valuation structures as a unifying algebraic structure for several soft constraint formalisms, including quantitative and qualitative ones, which, in particular, supports lexicographic products in a broad range of cases. We demonstrate the versatility of partial valuation structures by integrating the qualitative formalism of constraint relationships as well as the hybrid concept of constraint hierarchies. The latter inherently relies on lexicographic combinations, but it turns out that not all can be covered directly by partial valuation structures. We therefore investigate a notion for simulating partial valuation structures not amenable to lexicographic combinations by better suited ones. The concepts are illustrated by a case study in decentralized energy management. This research is partly sponsored by the German Research Foundation (DFG) in the project "OC-Trust" (FOR 1085).
doi:10.1007/978-3-319-15545-6_10 fatcat:xd2oiu5gdbejlftxr7g32hdh5u
Preprint only. Manuscript accepted for publication in Springer LNCS 8950.
error functions for constraints. So-called comparators define the ordering over assignments. By definition, constraint hierarchies tend to ignore all constraints on higher levels which leads to a strongly hierarchical evaluation. One satisfied constraint is possibly worth more than a whole set of other, violated constraints.
Jan-Philipp participates in several European projects with a focus on software traceability and drives development of the open source traceability management tool Eclipse Capra. ... Jan-Philipp Fig. 1 1 Feature model example (Berger et al. 2014c) ), Deutsche Bank (Faust and Verhoef 2003b), Dialect Solutions (Staples and Hill 2004), E-COM (Liang et al. 2005), Ericsson (Mohagheghi ... Affiliations Thorsten Berger 1 · Jan-Philipp Steghöfer 1 · Tewfik Ziadi 2 · Jacques Robin 3 · Jabier Martinez 4 ...
doi:10.1007/s10664-019-09787-6 fatcat:h77ikukjxff2tmprz6d23c37iu
Lecture Notes in Computer Science
Agents in open self-organizing systems have to cope with a variety of uncertainties. In order to increase their utility and to ensure stable operation of the overall system, they have to capture and adapt to these uncertainties at runtime. This can be achieved by formulating an expectancy of the behavior of others and the environment. Trust has been proposed as a concept for this purpose. In this paper, we present trust-based scenarios as an enhancement of current trust models. Trust-based scenarios represent stochastic models that allow agents to take different possible developments of the environment's or other agents' behavior into account. We demonstrate that trust-based scenarios significantly improve the agents' capability to predict future behavior with a distributed power management application.
doi:10.1007/978-3-642-54140-7_8 fatcat:xtmahulc5jcfxe6ow5uvfk7gma
Resource allocation is a task frequently encountered in energy management systems such as the coordination of power generators in a virtual power plant (unit commitment). Standard solutions require fixed parametrised optimisation models that the participants have to stick to without leaving room for tailored behaviour or individual preferences. We present a modelling methodology that allows organisations to specify optimisation goals independently of concrete participants and participants to craft more detailed models and state individual preferences. While considerable efforts have been spent on devising efficient control algorithms and detailed physical models in power management systems, practical aspects of unifying several heterogeneous models for optimisation have been widely ignored, a gap we aim to close. As a by-product, we give a formulation of warm and cold start-up times for power plants that improves existing power plant models. The concepts are detailed with the load-distribution problem faced in virtual power plants and evaluated on several random instances where we observe that a significant number of soft constraints of individual actors can be satisfied if considered.
doi:10.15439/2014f49 dblp:conf/fedcsis/SchiendorferSR14 fatcat:35g6xihwbjdufbiim6l4sv242y
I. CONSTRAINT OPTIMISATION PROBLEMS IN POWER SYSTEMS
Resource allocation and scheduling are difficult problems that occur frequently in energy systems, be it the coordination of power generation, demand-side management, or building control software. In a producer-based view, supply needs to meet the demand as accurately as possible in order to guarantee stability and avoid costs incurred by corrective measures. Similarly, consumers may try to find cost-minimising schedules for processes required throughout a day with respect to time-dependent energy prices. Current initiatives (footnote 1) are based on the assumption that groups of prosumers (i.e., energy producers and/or consumers) can form and team up to achieve better prices or production rates for their participants. We also adopt the notion of agents, indicating that the prosumers are in principle autonomous entities, even if they surrender the decision about their power output to the group.
A straightforward solution to this resource allocation problem is to model the decision making process (e.g., distributing the load in a virtual power plant (VPP) or scheduling energy-consuming domestic processes in a consumer coalition) as a mathematical optimisation problem such as a mixed integer program (MIP), a linear program (LP) or as a constraint satisfaction and optimisation problem (CSOP) as done by industrial distributed energy management tools such as Siemens DEMS or PLEXOS Integrated Energy Model. DEMS is used, e.g., by the municipal utility of the city of Munich for controlling a VPP. In essence, the problem is specified in terms of (decision) variables, their associated domains, and constraints that regulate which assignments are valid. The task accomplished by the respective solvers is then to assign values to all variables such that no constraint is violated and an optimisation objective is minimised (or maximised). Typically, such tools (DEMS in particular) offer a predefined range of agent types such as energy generators, storages, or controllable loads. Users may then specify the topology of their energy system to calculate optimized power schedules. A concrete power generator is thus essentially represented by one tuple in a data repository containing the parameters defining its behaviour. Consequently, the provided models constitute a static one-for-all solution that needs to encompass all supported characteristics of power generators, including, e.g., time-dependent properties such as inertia. Clearly, power generators show varying characteristics such as change rates, cool or warm start-up times or power boundaries depending on, e.g., the power plant type or manufacturer. Parametrised models as described above cannot support this variety.
Footnote 1: cf. https://www.energiekosten-stop.at/ for consumer alliances or http://www.swm.de/geschaeftskunden/effizienz-umwelt/virtuelles-kraftwerk.html for virtual power plants.
At some point the model has to be fixed for all participants and individual variables necessary to model a certain constraint cannot be added. To overcome this limitation, we suggest synthesising an optimisation problem from several individual models. Such synthesised models allow for individual preferences (typically in the form of knowledge acquired by power plant operators such as economically optimal production ranges or limited ramp-up or -down of a generator) and separate modelling of the organisational optimisation problem and physical models of individual participants, properties that are attractive for organisations as more clients can be served as well as for individual participants as they can influence the assigned plans. This methodology is not only nice to have in multi-agent systems, where optimisation problems result from a combination of several sub-problems; it is necessary. Our contribution leads to a methodology that offers: 1) support for heterogeneous prosumers requiring specific sets of variables; 2) isolated modelling of physical components; 3) clean separation of the organisational aspects such as
Lecture Notes in Computer Science
Automotive companies increasingly adopt scaled agile methods to allow them to deal with their organisational and product complexity. Suitable methods are needed to ensure safety when developing automotive systems. On a small scale, R-Scrum and SafeScrum are two concrete suggestions for how to develop safety-critical systems using agile methods. However, for large-scale environments, existing frameworks like SAFe or LeSS do not support the development of safety-critical systems out of the box. We, therefore, aim to understand which challenges exist when developing safety-critical systems within large-scale agile industrial settings, in particular in the automotive domain. Based on an analysis of R-Scrum and SafeScrum, we conducted a focus group with three experts from industry to collect challenges in their daily work. We found challenges in the areas of living traceability, continuous compliance, and organisational flexibility. Among others, organisations struggle with defining a suitable traceability strategy, performing incremental safety analysis, and with integrating safety practices into their scaled way of working. Our results indicate a need to provide practical approaches to integrate safety work into large-scale agile development and point towards possible solutions, e.g., modular safety cases.
Keywords: Scaled Agile, Safety-Critical Systems, Software Processes, R-Scrum, SafeScrum
doi:10.1007/978-3-030-35333-9_26 fatcat:jcto2i7edjgkxhptiforekgovu
Traceability is crucial for many activities in software and systems engineering including monitoring the development progress, and proving compliance with standards. In practice, the use and maintenance of trace links are challenging as artifacts undergo constant change, and development takes place in distributed scenarios with multiple collaborating stakeholders. Although traceability management in general has been addressed in previous studies, there is a need for empirical insights into the collaborative aspects of traceability management and how it is situated in existing development contexts. The study reported in this paper aims to close this gap by investigating the relation of collaboration and traceability management, based on an understanding of characteristics of the development effort. In our multiple exploratory case study, we conducted semi-structured interviews with 24 individuals from 15 industrial projects. We explored which challenges arise, how traceability management can support collaboration, how collaboration relates to traceability management approaches, and what characteristics of the development effort influence traceability management and collaboration. We found that practitioners struggle with the following challenges: (1) collaboration across team and tool boundaries, (2) conveying the benefits of traceability, and (3) traceability maintenance. If these challenges are addressed, we found that traceability can facilitate communication and knowledge management in distributed contexts. Moreover, there exist multiple approaches to traceability management with diverse collaboration approaches, i.e., requirements-centered, developer-driven, and mixed approaches. While traceability can be leveraged in software development with both agile and plan-driven paradigms, a certain level of rigor is needed to realize its benefits and overcome challenges. To support practitioners, we provide principles of collaborative traceability management. The main contribution of this paper is empirical evidence of how culture, processes, and organization impact traceability management and collaboration, and principles to support practitioners with collaborative traceability management. We show that collaboration and traceability management have the potential to be mutually beneficial: when investing in one, also the other one is positively affected.
doi:10.1007/s00766-018-0306-1 fatcat:7hgirnfpwrdrvexsfjgdflypku
Knowledge about the current state of the system serves at least two purposes: it is the basis for decisions to act and adapt to ensure reliable operation and it can be used to verify the correctness of the system at runtime. Both purposes require that current information is available at runtime that can be evaluated. Thus, the system designers have to create a complex monitoring infrastructure that suits the purposes of the system. We propose a combination of proven techniques that can be used as the basis for such a monitoring infrastructure. We combine it with a model-driven approach that allows a model transformation of information contained in the requirements and design documents to implementations of observers and controllers that allow adaptation at runtime based on current information as well as runtime verification. The approach can be easily integrated into an iterative-incremental software engineering process and is illustrated with two complex case studies.
doi:10.1109/issre.2013.6698901 dblp:conf/issre/EberhardingerSNR13 fatcat:k7vkncntjzgxrb4uqkytn7tdxm
Its structure changes in response to new information and changing conditions to enable each AVPP to balance its power demand and production (consequently forming the hierarchy as described in Steghöfer ...
doi:10.5220/0004757700150027 dblp:conf/icaart/SchiendorferSR14 fatcat:gjixtmarcvevbddxzrnfzwpjm4