John Mylopoulos

Mohamad Gharib, John Mylopoulos

Nowadays, most companies need to collect, store, and manage personal information in order to deliver their services. Accordingly, privacy has emerged as a key concern for these companies since they need to comply with privacy laws and regulations. To deal with them properly, such privacy concerns should be considered since the early phases of system design. Ontologies have proven to be a key factor for elaborating high-quality requirements models. However, most existing work deals with privacy as a special case of security requirements, thereby missing essential traits of this family of requirements. In this paper, we introduce COPri, a Core Ontology for Privacy requirements engineering that adopts and extends our previous work on privacy requirements engineering ontology that has been mined through a systematic literature review. Additionally, we implement, validate and then evaluate our ontology.

Mohamad Gharib, Paolo Giorgini, John Mylopoulos

Privacy has been frequently identified as a main concern for system developers while dealing with/managing personal information. Despite this, most existing work on privacy requirements deals with them as a special case of security requirements. Therefore, key aspects of privacy are, usually, overlooked. In this context, wrong design decisions might be made due to insufficient understanding of privacy concerns. In this paper, we address this problem with a systematic literature review whose main purpose is to identify the main concepts/relations for capturing privacy requirements. In addition, the identified concepts/relations are further analyzed to propose a novel privacy ontology to be used by software engineers when dealing with privacy requirements.

Feng-Lin Li, Alexander Borgida, Giancarlo Guizzardi et al.

The requirements elicited from stakeholders are typically informal, incomplete, ambiguous, and inconsistent. It is the task of Requirements Engineering to transform them into an eligible (formal, sufficiently complete, unambiguous, consistent, modifiable and traceable) requirements specification of functions and qualities that the system-to-be needs to operationalize. To address this requirements problem, we have proposed Desiree, a requirements calculus for systematically transforming stakeholder requirements into an eligible specification. In this paper, we define the semantics of the concepts used to model requirements, and that of the operators used to refine and operationalize requirements. We present a graphical modeling tool that supports the entire framework, including the nine concepts, eight operators and the transformation methodology. We use a Meeting Scheduler example to illustrate the kinds of reasoning tasks that we can perform based on the given semantics.

Chi Mai Nguyen, Roberto Sebastiani, Paolo Giorgini et al.

We are interested in supporting software evolution caused by changing requirements and/or environmental settings. For example, users of a system may require new functionality (changing requirements), or performance enhancements to cope with growing user population. Specifically, we propose to use goal models to capture such changes, and exploit reasoning techniques that derive optimal new specifications for a system whose requirements and/or environment have changed. Moreover, we are interested in discovering new classes of evolution requirements, for example, that give preference to evolutions that minimize implementation effort for the implementation of the evolution. To address both of these problems, we exploit Constraint Goal Models (CGMs) an expressive language for modelling goals that comes with scalable solvers that can solve hybrid constraint and optimization problems using a combination of Satisfiability Modulo Theories (SMT) and Optimization Modulo Theories (OMT) solvers. We evaluate our proposal by modeling and reasoning with a goal model for meeting scheduling.

Feng-Lin Li, John Mylopoulos

The requirements elicited from stakeholders suffer from various afflictions, including informality, incompleteness, ambiguity, vagueness, inconsistencies, and more. It is the task of requirements engineering (RE) processes to derive from these an eligible (formal, complete enough, unambiguous, consistent, measurable, satisfiable, modifiable and traceable) requirements specification that truly captures stakeholder needs. We propose Desiree, a refinement calculus for systematically transforming stakeholder require-ments into an eligible specification. The core of the calculus is a rich set of requirements operators that iteratively transform stakeholder requirements by strengthening or weakening them, thereby reducing incompleteness, removing ambiguities and vagueness, eliminating unattainability and conflicts, turning them into an eligible specification. The framework also includes an ontology for modeling and classifying requirements, a description-based language for representing requirements, as well as a systematic method for applying the concepts and operators. In addition, we define the semantics of the requirements concepts and operators, and develop a graphical modeling tool in support of the entire framework. To evaluate our proposal, we have conducted a series of empirical evaluations, including an ontology evaluation by classifying a large public requirements set, a language evaluation by rewriting the large set of requirements using our description-based syntax, a method evaluation through a realistic case study, and an evaluation of the entire framework through three controlled experiments. The results of our evaluations show that our ontology, language, and method are adequate in capturing requirements in practice, and offer strong evidence that with sufficient training, our framework indeed helps people conduct more effective requirements engineering.

Chi Mai Nguyen, Roberto Sebastiani, Paolo Giorgini et al.

Goal models have been widely used in Computer Science to represent software requirements, business objectives, and design qualities. Existing goal modelling techniques, however, have shown limitations of expressiveness and/or tractability in coping with complex real-world problems. In this work, we exploit advances in automated reasoning technologies, notably Satisfiability and Optimization Modulo Theories (SMT/OMT), and we propose and formalize: (i) an extended modelling language for goals, namely the Constrained Goal Model (CGM), which makes explicit the notion of goal refinement and of domain assumption, allows for expressing preferences between goals and refinements, and allows for associating numerical attributes to goals and refinements for defining constraints and optimization goals over multiple objective functions, refinements and their numerical attributes; (ii) a novel set of automated reasoning functionalities over CGMs, allowing for automatically generating suitable refinements of input CGMs, under user-specified assumptions and constraints, that also maximize preferences and optimize given objective functions. We have implemented these modelling and reasoning functionalities in a tool, named CGM-Tool, using the OMT solver OptiMathSAT as automated reasoning backend. Moreover, we have conducted an experimental evaluation on large CGMs to support the claim that our proposal scales well for goal models with thousands of elements.