Goal-driven risk assessment in requirements engineering

被引：0

作者：

Yudistira Asnar

Paolo Giorgini

John Mylopoulos

机构：

[1] University of Trento,Department of Information Engineering and Computer Science

来源：

Requirements Engineering | 2011年 / 16卷

关键词：

Risk assessment; Requirement analysis; Goal-oriented requirement engineering;

D O I：

暂无

中图分类号：

学科分类号：

摘要：

Risk analysis is traditionally considered a critical activity for the whole software system’s lifecycle. Risks are identified by considering technical aspects (e.g., failures of the system, unavailability of services, etc.) and handled by suitable countermeasures through a refined design. This, however, introduces the problem of reconsidering system requirements. In this paper, we propose a goal-oriented approach for analyzing risks during the requirements analysis phase. Risks are analyzed along with stakeholder interests, and then countermeasures are identified and introduced as part of the system’s requirements. This work extends the Tropos goal modeling formal framework proposing new concepts, qualitative reasoning techniques, and methodological procedures. The approach is based on a conceptual framework composed of three main layers: assets, events, and treatments. We use “loan origination process” case study to illustrate the proposal, and we present and discuss experimental results obtained from the case study.

引用

页码：101 / 116

页数：15

共 28 条

[1] Boehm BW(1991)Software risk management: principles and practices IEEE Softw 8 32-41
[2] Bresciani P(2004)Tropos: an agent-oriented software development methodology J Auton Agent Multi Agent Syst 8 203-236
[3] Perini A(1993)Goal-directed requirements acquisition Sci Comput Program 20 3-50
[4] Giorgini P(2003)Formal reasoning techniques for goal models J Data Semantics 1 1-20
[5] Giunchiglia F(2002)A software fault tree approach to requirements analysis of an intrusion detection system Requir Eng J 7 207-220
[6] Mylopoulos J(2004)Defining risk Financ Anal J 60 19-25
[7] Dardenne A(1997)HAZOP—past and future Reliab Eng Syst Saf 55 263-266
[8] van Lamsweerde A(2000)Handling obstacles in goal-oriented requirements engineering IEEE Trans Softw Eng 26 978-1005
[9] Fickas S(1997)Requirements analysis using forward and backward search Ann Softw Eng 3 459-475
[10] Giorgini P(1999)Attack trees: modeling security threats Dr Dobbï J 12 21-29

← 1 2 3 →