Tropos methodology

Top PDF Tropos methodology:

Secure Tropos: A Security Oriented Extension of the Tropos methodology

Secure Tropos: A Security Oriented Extension of the Tropos methodology

Tropos adopts the i* modelling framework [46], which uses the concepts of actors, goals and social dependencies for defining the obligations of actors (dependees) to other actors (dependers). This means the multiagent system and its environment are viewed as a set of actors, who depend on other actors to help them fulfil their goals. An actor [46] represents an entity that has intentionality and strategic goals within the multiagent system or within its organisational setting. A role represents an abstract characterisation of the behaviour of a social actor within some specialised context or domain of endeavour [46]. A position represents a set of roles, typically played by one agent. A (hard) goal [46] represents a condition in the world that an actor would like to achieve. In other words, goals represent actors’ strategic interests. In Tropos, the concept of hard-goal (simply goal hereafter) is differentiated from the concept of soft-goal. A soft-goal is used to capture non-functional requirements of the system, and unlike a (hard) goal, it does not have clear criteria for deciding whether it is satisfied or not and therefore it is subject to interpretation [46]. For instance, an example of soft-goal is “the system should be scalable”. A task (also called plan in Tropos) represents, at an abstract level, a way of doing something [17]. The fulfilment of a task can be a means for satisfying a goal, or for contributing towards the satisficing of a soft-goal. In Tropos different (alternative) tasks, that actors might employ to achieve their goals, are modelled. Therefore developers can reason about the different ways that actors can achieve their goals and decide for the best possible way. A resource [17] presents a physical or informational entity that one of the actors requires. The main concern when dealing with resources is whether the resource is available and who is responsible for its delivery. A dependency [46] between two actors represents that one actor depends on the other to attain some goal, execute a task, or deliver a resource. The depending actor is called the depender and the actor who is depended upon is called the dependee. The type of dependency describes the nature of an agreement (called dependum) between dependee and depender. A capability [17] represents the ability of an actor of defining, choosing and executing a task for the fulfilment of a goal, given certain world conditions and in presence of a specific event. Figure 1 depicts a graphical representation of the above-mentioned concepts as used in the Tropos methodology.

30 Read more

Using the Tropos Approach to Inform the UML Design: An Experiment Report

Using the Tropos Approach to Inform the UML Design: An Experiment Report

This paper details one experiment where BSc students at the university of East London, UK, produced both Tropos and UML diagrams towards the assessment of a scenario where a software system has to be built. The UML and Tropos diagrams were assessed against the benchmark pro- duced as a marking scheme, and it is questioned whether the presence of the Tropos methodology has helped in the completeness of the resulting UML diagrams. This paper is the first of two experiments, where the Tropos methodology is used to inform the UML design: we plan to replicate this experiment in the semester starting in February 2011, without the Tropos “treatment”: students will be required to work on the same scenario, but no Tropos diagrams will be required (or taught), therefore allowing for the comparison of two different sets of UML diagrams. This will provide the basis for comparing the effectiveness (or not) of the two combined approaches.

8 Read more

Adapting Secure Tropos for Security Risk Management during Early Phases of the Information Systems Development

Adapting Secure Tropos for Security Risk Management during Early Phases of the Information Systems Development

running example is suitable to demonstrate our work for two main reasons: (i) security and risk are two important factors in the development and implemen- tation of an electronic system to support the Single Assessment Process; (ii ) security of the system have been successfully analysed using the Secure Tropos methodology [27]. Therefore, by revisiting the running example, we are able to identify the exact contributions of this paper. eSAP is an IS to support inte- grated assessment of the health and social care needs of elderly and it is based on the Single Assessment Process, which is part of the National Service Frame- work (NSF) for Older People Services of the English Department of Health. Due to space limitations, we focus for our running example on one of the most important aspects to make the eSAP running: the Patient personal information.

16 Read more

Requirements Engineering for Self-Adaptive Software: Bridging the Gap Between Design-Time and Run-Time

Requirements Engineering for Self-Adaptive Software: Bridging the Gap Between Design-Time and Run-Time

Likewise, to analyze adaptation requirements, goals have been acknowl- edged and used as a useful abstraction in many requirements engineering approaches [vL01b, LLY + 06]. The goal-oriented approach is also widely adopted for variability modeling, and has been well acknowledged in (early) requirements engineering for eliciting, specifying, analyzing, and document- ing software requirements. The overall idea of goal-oriented modeling and analysis revolves around the notion of goal, which allows to capture functional and non-functional aspects of the system-to-be from stakeholder’s perspec- tive. At this point, the goal is decomposed into sub goals using AND/OR decompositions. Later a special attention is given to represent the refinements of various viewpoints considering the variability concerns. In this way, it is possible to reason about alternatives based on AND/OR decompositions. High-level goals are said to be satisfied when the sub goals have been fulfilled. Penserini et al. in [PPSM07a] uses the TROPOS methodology to model variability in user’s needs and preferences, in terms of alternatives for goal achievement at requirements-time. The modeled variability reflects into the design and coding of Belief-Desire-Intention (BDI) agents, which are able to switch from a behavior to a most appropriate one, depending on the perceived environment conditions (including user preferences) at run-time. In this work, goal alternatives represented in the requirements models map to software agents goal models in the design and code artifacts. This helps answering the question of “HOW”, as well as “WHAT and WHY” for run-time adaptation. self-adaptive software requirements expressed as goal models can be mapped to BDI architecture resulting into an agent-based design framework to capture the said adaptivity requirements by Morandini et al. in [MPP08], which seems promising step towards an agent-oriented self-adaptive software research.

245 Read more

Use Case Application in Requirements Analysis using Secure Tropos to UMLsec   Security Issues

Use Case Application in Requirements Analysis using Secure Tropos to UMLsec Security Issues

Secure tropos is the security extension of tropos methodology that composed the security constraint into the system requirement modelling. It covers four main software development phases that is early requirement, late requirement analysis, architectural design and detailed design. And UMLsec is the extension of UML that is used to capture the critical security in system development. The major diagrams in UMLsec are activity diagram. Class diagram, sequence diagram, state chart diagram and Deployment diagram. According to Jurjens [10] activity diagram hold secure control flow coordination, a class diagram controls the security level during data exchange, a sequence diagram hold security critical interaction, a state chart diagram security preserved within object and a deployment diagram contains the physical security requirement. According to Mouratidis [9] Tropos model is mainly analysis model of the system and UML are mainly design model of the system.

5 Read more

Security Testing in Requirements Phase of SDLC

Security Testing in Requirements Phase of SDLC

T. Y. Chen, Pak-Lok Poon, Sau-Fun Tang, T. H. Tse and Yuen Tak Yu proposed a methodology for applying testing to requirements inspection for software quality assurance. The proposed methodology incorporates two approaches: requirements inspection and software testing. These two are the most important quality assurance activities. perspective- based reading(PBR), approach used in requirements inspection, operates under the premise that different information in a specification has different levels of importance for different uses of the document and Classification-Tree Method is used in software testing [27]. Paolo Giorgini, Fabio Massacci, and Nicola Zannone proposed a method for secure requirement engineering. This Secure Tropos methodology is a formal framework for modelling and examining security, that enhances the agent- oriented software development methodology i*/Tropos. They illustrated the Secure Tropos approach and some later refinements of the Secure Tropos methodology to address some of its shortcomings they also introduce the ST-Tool, a CASE tool that supports Secure Tropos methodology [28]. Orlena C. Z. Gotel and Anthony C. W. Finkelstein performed an analysis of the requirements traceability problem. In this analysis, they identified the underlying nature of the requirements traceability problem. They gave a distinction between pre-requirements specification (pre-RS) traceability and Post-requirement specification(post-RS) traceability. It help in improving the problem that the developers generally identify after the development of a software due to poor requirement traceability [29].

5 Read more

A CASE tool to support automated modelling and analysis of security requirements

A CASE tool to support automated modelling and analysis of security requirements

The aforementioned tools, although they were developed for different ultimate purposes, they provide support for the i* modelling framework, which is the modelling framework that was adopted by Secure Tropos as well. But, Secure Tropos introduces new concepts that none of the previous tools enables their graphical representation, i.e. security constraint, secure goal, secure plan, secure resource, and secure capability. Also, the previous tools don’t provide support for the modelling activities that Secure Tropos introduces, i.e. security constraint modelling, secure entities modelling, and secure capability modelling. So, despite the fact that experienced users with Secure Tropos can make conventions and use the previous tools to construct single diagrams; these tools are not adequate to support the Secure Tropos methodology.

15 Read more

Secure Tropos: An Agent Oriented Software Engineering Methodology for the Development of Health and Social Care Information Systems

Secure Tropos: An Agent Oriented Software Engineering Methodology for the Development of Health and Social Care Information Systems

This paper defines such requirements and it presents Secure Tropos, an agent oriented methodology, which is an extension of the Tropos methodology [14]. Tropos demonstrates characteristics that make it ideal for the development of health and social care information systems. Firstly, it allows a deeper understanding of not only the system, but also of the environment in which the system would operate. Secondly, Tropos employs the same concepts and notations throughout the development process leading to a homogeneous development that is easier to understand by non-software engineering experts (such as the health and social care professionals). Thirdly, it employs real life concepts and therefore it narrows the gap between the concepts used by the health and social care professionals and the system developers. Moreover, Secure Tropos adds a fourth important characteristic by considering security issues as an integral part of its development process; therefore leading to the development of secure systems, something very important in the case of health and social care information systems.

62 Read more

On-To-Methodology: Ontology Development Methodology

On-To-Methodology: Ontology Development Methodology

Since there exists no one methodology that can be applied in all scenarios of ontology development, our main emphasis here is on building a methodology that can be used as a standard method for ontology construction under various domains. For this we have proposed a method namely On-To-Methodology. Then we illustrated our methodology by working out an Ontology of bikes.

25 Read more

FUZZY BASED DETECTION AND SWARM BASED AUTHENTICATED ROUTING IN MANET

FUZZY BASED DETECTION AND SWARM BASED AUTHENTICATED ROUTING IN MANET

i * and Tropos, have been extended to represent requirements for system adaptation. Tropos4AS[1]extends Tropos in order to allow designers to model non-intentional elements using UML class diagrams, specifying resources that belong to an agent and the ones that belong to the environment. This framework allows the modeling of undesirable (faulty) states, which are known to be possible at runtime and should trigger system adaptation. Finally, Morandini [1] maps the goal models to the Jadex platform for run-time implementation.

10 Read more

STRENGTHENING ANTI JAM GPS SYSTEM WITH ADAPTIVE PHASE ONLY NULLING USING 
EVOLUTIONARY ALGORITHMS

STRENGTHENING ANTI JAM GPS SYSTEM WITH ADAPTIVE PHASE ONLY NULLING USING EVOLUTIONARY ALGORITHMS

substitute sets of functional requirements that can each accomplish these goals. These alternatives can be evaluated with respect to nonfunctional necessities posed by stakeholders. In the previous paper, they propose a goal-oriented approach for analyzing risks during the requirements analysis phase. Risks are analyzed along with stakeholder interests, and then countermeasures are identified and introduced as part of the system’s requirements. This work extends the Tropos goal modeling formal framework suggesting new concepts, qualitative reasoning techniques, and methodological procedures. The approach is based on a conceptual framework composed of three primary layers: assets, events, and treatments. In the field of software engineering, the requirement engineering is getting special attention as it is based on the stakeholder’s interests. The main factors that a requirement engineering process considers are business requirements and user requirements. The requirements are used to enhance the development of the software product with low cost and the time it should satisfy all the requirements. One of the sensitive areas, which every software development process concentrate is the risk involved with the process. So, particular assessment measures have to be taken in order to minimize the risks in software development process. YudistiraAsnar and Paolo Giorgini [14] have proposed a method for risk analysis in requirement engineering. The method deals with a software development method called, Tropos Goal Model and with a Probabilistic Risk Analysis (PRA). Inspired from their work, we are planning to propose an approach on extending the Tropos model with risk analysis feature. Tropos goal model consists of three layers, mainly Goal layer (GL), Event layer (EL) and Treatment layer (TL). The GL consists of set of goals that has to fulfill by the process and EL contains the constructs which helps to achieve the goals. The TL is working as the input, which helps in achieving the goals.

11 Read more

Microphysical particle properties derived from inversion algorithms developed in the framework of EARLINET

Microphysical particle properties derived from inversion algorithms developed in the framework of EARLINET

We followed two conceptual approaches. One methodol- ogy was developed at the Leibniz Institute for Tropospheric Research (TROPOS), Leipzig, Germany. The development of the methodology continues at the University of Hertford- shire (UH). The second method was developed at the Uni- versity of Potsdam (UP) (Potsdam, Germany). Both methods in part follow the same basic mathematical concepts in the sense that they are true inversion algorithms. True inversion algorithms mean the following: (a) the underlying mathemat- ical equations that connect the microphysical particle prop- erties (which are the variables we are interested in) and the optical properties (which are the variables that are measured with lidar) are solved explicitly; (b) therefore we do not carry out forward computations, which are commonly referred to as Mie-scattering computations; (c) we do not use traditional look-up tables that contain an array of microphysical aerosol properties and the optical properties that belong to these mi- crophysical properties; and (d) our approach neglects con- straints that are used in forward computations, for example the need to prescribe the shape of the particle size distribu- tion as input.

29 Read more

Agile Methodology: A new Approach over Traditional Methodology

Agile Methodology: A new Approach over Traditional Methodology

Abstract: Software has been part of current culture for more than 50 years. In this era, interest is growing in application of Global Software Development (GSD) project. In project the main focus on the software quality now days. There are many methodologies in the developing the software among that there are most common are heavyweight and lightweight methodologies .Both have pros and cons. we examine the quality assurance techniques of traditional and agile approaches have described the characteristics of some traditional and agile methodologies that are widely used in software development have discussed strength and weakness between the two opposing methodologies and provided the challenges associated with implementing agile process in software industry. The trend is development industry is to move towards the Global Software Development. The characteristics of software projects the lead to challenges in applying traditional project management approaches are examine and agile alternatives introduced. This anecdotal for evidence is rising regarding the effectiveness of agile methodologies in certain environment; but there have not been much collection and analysis of empirical evidence for agile projects. The concept of agility which emphasizes human role in software development process, is revolutionizing the system analysis and design field as well as the software engineering field. However, to support my dissertation I conducted a questionnaires, soliciting feedback from software industry practitioners to evaluate which methodology has a better success rate for different sizes of software development. According to our findings agile methodologies can provide good benefits for small scaled and medium scaled

5 Read more

Risk analyzer   calculation methodology

Risk analyzer calculation methodology

The framework/methodology is about scoring each event of persons falling in “R” to represent how the event is important or complex from their point of view. This is for other persons falling in group like “A” and “I” to get essence of resource capability, business and technology oriented risk, helps in taking respective strategic decisions and it is a unique way of communication between different levels of RACI model.

6 Read more

Internalism as Methodology

Internalism as Methodology

at pursuing some serious understanding of how I-language is embedded in sociolinguistic contexts, and specifically how the utterances generated with recourse to I-language are used in a given context to refer to things outside the head. Admittedly, internalists have scarcely started to understand how an I- language that an individual possesses contributes to the semantico-pragmatic performance of that individual in a sufficiently comprehensive way, and thus it would be an inextricable leap at this point to broaden the object of study to individuals’ varying deference and any other E-linguistic notions; hopelessly complicating the task. We need a more complete understanding of the internal properties of I-language before we can even attempt to try to understand how individuals utilize them to deal with all sorts of E-language phenomena. This is a very different methodology than that of externalists, and a difference that Lassiter seems to have failed to notice. In total, we see that there are both theoretical and metholodogical reasons to be skeptical regarding (B) (cf. Collins 2009).

11 Read more

A. Study Methodology

A. Study Methodology

There are various definitions of skills gap. Formal methodology for quantifying a “skills gap” is either completely lacking as in much of the policy-oriented research, or is too convoluted as is often the case in the economic literature [4]. The difference between the skills needed for a job versus those skills acquired by a prospective worker is the definition adopted in this paper. An economic-theory driven approach to skills gap analysis is followed by comparing aggregate data on labour supply and demand. The skill gap is calculated as the industry skill demand minus the education skill supply. The intention of the skills gap analysis is to indicate whether present local ICT employees have the necessary skills and competence for their jobs and if not, what further development they need.

6 Read more

Methodology of the Sciences

Methodology of the Sciences

psychology, and theory of language are taken to be scientific. In the sciences themselves, the scope of contemporary research projects, in which no one person can complete a given project, and scientists of various kinds of training and background must cooperate, has provoked discussion of how this fact affects the practice and the epistemology of science. A clearly conceived ideal of a common methodology, or at least of common aims and practices, might resolve problems encountered by cooperative intellectual enterprises. Dilthey's own work probably does not succeed in articulating such an ideal, but should be valued for its appreciation of the importance of cooperation in the methods of the sciences.

25 Read more

Enhancing secure Tropos to effectively deal with security requirements in the development of multiagent systems

Enhancing secure Tropos to effectively deal with security requirements in the development of multiagent systems

Our work is not the only one in the agent paradigm pool that tries to integrate security issues as an internal part of the development process. Liu et al. [10] presented work in which security requirements are analysed as relationships between actors, such as users, stakeholders and potential attackers. Liu proposes three different kinds of analysis techniques: agent oriented, goal oriented and scenario based analysis. Agent oriented analysis is used to model potential threats and security measures, whereas goal oriented analysis is employed for the development of a catalogue to help towards the identification of the different security relationships on the system. Finally, the scenario based analysis is considered an elaboration of the other two kinds of analysis. Yu and Cysneiros [21] use the concept of a soft-goal to assess different design alternatives, and how each of these alternatives would contribute positively or negatively in achieving the soft-goal. However, these approaches only guide the consideration of security issues on specific development stages, in other words both of them are focused only in the requirements engineering area. Our approach, in contrast, considers security issues throughout the development process. As indicated in [3], it is important to consider security issues throughout the development process. Moreover, Huget [5] has proposed an agent oriented software methodology, called Nemo, which considers some security aspects. However, in his approach security is not considered as a specific concept but it is integrated within the other models of the methodology. As indicated earlier, it is important to model together security and functional requirements but at the same time provide a clear distinction. Moreover, Nemo tackles security quite superficially and as Huget states [5] “particularly, security has to be intertwined more deeply within the models”.

22 Read more

An Efficient Risk Analysis based Risk Priority in Requirement Engineering using Modified Goal Risk Model

An Efficient Risk Analysis based Risk Priority in Requirement Engineering using Modified Goal Risk Model

factors that a requirement engineering process considers are business requirements and user requirements. The requirements are used to enhance the development of the software product with low cost and the time it should satisfy all the requirements. One of the sensitive areas, which every software development process concentrate is the risk involved with the process. So, particular assessment measures have to be taken in order to minimize the risks in software development process. YudistiraAsnar and Paolo Giorgini [13] have proposed a method for risk analysis in requirement engineering. The method deals with a software development method called, Tropos Goal Model and with a Probabilistic Risk Analysis (PRA). Inspired from their work, we are planning to propose an approach on extending the Tropos model with risk analysis feature. Tropos goal model consists of three layers, mainly Goal layer (GL), Event layer (EL) and Treatment layer (TL). The GL consists of set of goals that has to fulfill by the process and EL contains the constructs which helps to achieve the goals. The TL is working as the input, which helps in achieving the goals. A modified Tropos goal model was developed in which the evidence of satisfaction and denial of the goal is calculated from the likelihood of the events corresponding to the goals. Relations are defined between multiple goals and events, which define the importance of a particular goal. The event may be considered as a risk according to their likelihood value. So the inter relation values of the goals and events gives the impact of that event on the particular goal. In order to analyze the risk in achieving some particular goals, a set of candidate solutions are generated. The candidate solutions are evaluated on the basis of a risk affinitive value of the goals according to their events. The risk affinitive value is calculated from the different set of risk parameters, which is set like high, medium and low. The risk parameters clearly evaluate the affinity of that event to a particular set of goals. The proposed approach mainly concentrates on three features namely, cost analysis, risk priority calculation and cost to risk analysis.

11 Read more

Show all 8590 documents...