Friday October 22nd, 2 pm, in the debugging room #BA3234
Finding Solutions in Goal Models: An Interactive Backward Reasoning Approach, Jennifer Horkoff and Eric Yu
A practice talk for ER'10
Modeling in the early stage of system analysis is critical for understanding stakeholders, their needs, problems, and different viewpoints. We advocate methods for early domain exploration which provoke iteration over captured knowledge, helping to guide elicitation, and facilitating early scoping and decision making. Specifically, we provide a framework to support interactive, iterative analysis over goal- and agent-oriented (agent-goal) models. Previous work has introduced an interactive evaluation procedure propagating forward from alternatives allowing users to ask \What if?" questions. In this work we introduce a backwards, iterative, interactive evaluation procedure propagating backward from high-level target goals, allowing users to ask "Is this possible?" questions. The approach is novel in that it axiomatizes propagation in the i* framework, including the role of human intervention to potentially resolve conflicting contributions or promote multiple sources of weak evidence.
Friday October 22nd, 2:30 pm, in the debugging room #BA3234
Reasoning with Optional and Preferred Requirements, Neil A. Ernst, John Mylopoulos, Alex Borgida and Ivan J. Jureta
A practice talk for ER'10
Of particular concern in requirements engineering is the se- lection of requirements to implement in the next release of a system. To that end, there has been recent work on multi-objective optimization and user-driven prioritization to support the analysis of requirements trade- offs. Such work has focused on simple, linear models of requirements; in this paper, we work with large models of interacting requirements. We present techniques for selecting sets of solutions to a requirements prob- lem consisting of mandatory and optional goals, with preferences among them. To find solutions, we use a modified version of the framework from Sebastiani et al. to label our requirements goal models. For our framework to apply to a problem, no numeric valuations are necessary, as the language is qualitative. We conclude by introducing a local search technique for navigating the exponential solution space. The algorithm is scalable and approximates the results of a naive algorithm.
Wed, September 22nd, 2 pm, in the debugging room #BA3234
White-Box Testing of Service Compositions Via Event Interfaces-Chunyang Ye
Chunyang Ye, MSRG.org, University of Toronto
Service-oriented applications are usually composed of services from different organizations. To protect the business interests of service providers, the implementation details of services are usually invisible to service consumers. This makes it challenging to white-box test service-oriented applications because of the difficulty to determine accurately the test coverage of a service composition as a whole and the difficulty to design test cases effectively. To address this problem, we propose an approach to white-box test service compositions based on events exposed by services. By deriving event interfaces to explore test coverage information from service implementations, our approach allows service consumers to determine accurately test coverage during testing based on events exposed by services at runtime. We also develop an approach to design test cases effectively based on services' event interfaces. The experimental results show that our approach outperforms existing testing approaches for service compositions with 30\% more test coverage rate, 19\% more fault-detection rate and 80\% fewer test cases needed.
Bio:
Chunyang Ye received his B. Eng degree from The Department of Computer
Science, The University of Science and Technology of China in 2000, M.
Eng degree from The Institute of Software, Chinese Academy of Sciences
in 2003, and PhD degree from The Department of Computer Science and
Engineering, Hong Kong University of Science and Technology in 2008. He
is now visiting The University of Toronto in The Department of
Electrical and Computer Engineering. His research interests include
Software Engineering issues on Service Computing, Workflow, Exception
Handling, Dependable Computing, and Event-based systems.
Monday, August 9th, 2 pm, in the debugging room #BA3234
Nauman Ahmed Qureshi, Centre for Information Technology, Fondazione Bruno Kessler (FBK-Irst) and University of Trento, Italy
Requirements Engineering for Self-Adaptive Systems
Requirements Engineering is challenging for Self-Adaptive Systems and in particular
Service-based Applications (SBA). They are inherently open and distributed, as they
rely on third-party services that are available over the Internet, and have to cope
with the dynamism of such operating environment. Therefore, a key feature of such
systems is that of being aware of the changes in both their operating environment
by simultaneously remaining aware of their users' goals and preferences through
monitoring, evaluate such changes and adapt to a suitable alternative that can
satisfy them. Engineering such applications significantly challenges the role of
requirements engineering (RE). Usually, RE is carried out at the outset of the whole
development process, but in the context of self-adaptive SBA, RE activities are also
needed at run-time thus enabling a seamless SBA evolution.
This talk will present an ongoing work on a novel framework for building self-adaptive SBA that is goal- and user-oriented. The framework enables continuous adaptive requirements engineering (CARE) that supports continuous refinement of requirements artifacts at run-time, which involves consumers and the SBA itself as primary stakeholders. Later, conclusions and future work will be presented in the end.
Biography:
Nauman A. Qureshi is a PhD Student at the Centre for Information Technology,
Fondazione Bruno Kessler (FBK-Irst) and University of Trento, Italy. Before joining
his PhD, Nauman worked as a Visiting Faculty (Adjunct Faculty) at University of
North Carolina a Chorlette (UNCC), USA and Lectuer at National University of
Sciences and Technology (NUST), Pakistan, from where he recieved his MS degree in
Computer Science (Information Technology). In his current research Nauman focuses on
how to engineer requirements for self-adaptive systems (SAS) in general and in
particular service-based applications (SBA). Mainly he is intrested in reappraisal
of requirements at run-time considering contextual changes in the environment. Apart
from requirements engineering for SAS and Service-Based Applications, his research
interests include goal-oriented Requirements Engineering and Agent-Oriented Software
Engineering.
June 17, 11am
Markus Strohmaier, Technical University of Graz, Austria
Navigability of Social Tagging Systems
While navigability of small-scale hypertext systems used to be a system attribute within full control of system designers, certain attributes of social tagging systems are beyond the control of software designers. To give an example: The navigational structures and properties of social tagging systems are the result of emerging tagging behaviour among a large number of users rather than the result of deliberate design decisions of a single software desinger. Yet, it is a widely held belief among designers of social tagging systems that tags, and in particular tag clouds, represent a useful tool for navigation. This is evident in, for example, the increasing number of tagging systems offering tag clouds for navigational purposes, which hints towards an implicit assumption that tag clouds support efficient navigation. In this talk, I will examine this assumption from a network-theoretic perspective, and show that in many cases it does not hold. We will first model navigation in tagging systems as a bipartite graph of tags and resources and then simulate the navigation process in such a graph. We use network-theoretic properties to analyse the navigability of three tagging datasets with regard to different user interface restrictions imposed by tag clouds. The results confirm that tag-resource networks have efficient navigation properties in theory, but they also show that popular user interface decisions (such as “pagination” combined with reverse-chronological listing of resources) significantly impair the potential of tag clouds as a useful tool for navigation. Based on these findings, I will identify a number of avenues for further research and the design of novel tag cloud construction algorithms. This work is relevant for researchers interested in navigability of emergent hypertext structures, and for engineers seeking to improve the navigability of social tagging systems.
Bio: Markus Strohmaier is an Assistant Professor at the Knowledge Management Institute at Graz University of Technology, Austria since 06/2007. From 03/2006 to 05/2007 he was a Post-Doctoral Research Fellow in Eric Yu's group at the Department of Computer Science at University of Toronto, which was funded by an FWF Erwin Schroedinger Postdoctoral Fellowship. From 08/2009 to 09/2009 he was a visiting scientist at the Palo Alto Research Center (formerly XEROX PARC). He is principal investigator of the 2.5 years basic research project "TransAgere" that focuses on the role of (human) agents and goals on the social web (2007-2010). His research interests include web research, knowledge management and intentional knowledge bases.
Jennifer Horkoff, Thursday June 3, 2pm
A Framework for Iterative, Interactive Analysis of Agent-Goal Models in Early Requirements Engineering (Practice talk for iStar'10)
The early stage of domain analysis in requirements engineering is critical for understanding the stakeholders, their needs, problems, and how views of these problems differ. We advocate methods for early domain exploration which provoke iteration over captured knowledge, prompting analysts and stakeholders to review what is known, helping to guide elicitation, and facilitating early scoping and decision making. Specifically, we provide a framework to support interactive, iterative analysis over goal- and agent-oriented (agent-goal) models. The framework will allow for multiple types of analysis questions, manage alternative evaluations over a model, manage interactive results, capture model assumptions and arguments, and support iteration over all constructs. Initial case study experience shows that interactive evaluation provokes model iteration and domain exploration. Further case studies will be developed to test the benefits of framework expansions.
Monday May 31st, 10am (tentative)
Yuan Gu, Co-Founder and Chief Architect of Cloakware Senior Director of Cloakware Advanced Research Center Irdeto Canada
Software Protection == White-Box Security
We are entering a new technological age for consumer electronics, in which previously unprecedented bandwidth and reach are becoming the norm. Advanced Internet-based technologies and broadband content are penetrating every aspect of life. The consumer’s interface – hand-held devices (portable media players, smart phones) and home networking (set-top boxes, media players, and the ever-more-flexible personal computer) – demand increasing software-mediated intelligence at the end-nodes of communication fabrics. (Isolating such intelligence on servers is impossible: the cost in latency and loss of scalability is too high. Moreover, only minimal hardware protection is competitively feasible in commodity consumer electronics). Software controlling such devices is thus increasingly deployed without the traditional protection of computer isolation: users enjoy total physical access to host devices and application software installed on them.
Malicious users have complete access to mount direct attacks of any kind, scope, and duration, using widely available tools permitting static and dynamic inspection and observation of software code. They can modify it, replace it, run it under their own control, and extract it to be deployed for their own purposes elsewhere. Worse yet, a successful attack by a highly-skilled attacker or attack-team may be converted into an automated attack, which can then be made widely available for subsequent launch by hoards of far more weakly-skilled attackers.
The modern attack landscape is thus characterized by ‘Man-at-the-End' (White-Box) attacks. Traditional perimeter defenses are useless against such attacks. Security solutions addressing ‘Man-in-the-Middle’ attacks have very limited relevance to these types of assaults. While protecting against White-Box attacks is far more challenging than addressing Black-Box or Grey-Box attacks, meeting this challenge is essential to the future of our industry.
We must not only prevent and disable direct and automated White-Box attacks, but diagnose and mitigate them to shut down wide-spread, pandemic attacks, so that protected application systems can remain trustworthy even when deployed in highly-exposed consumer environments. We must build device-control software which can rapidly recover and renew its protections when attacks are detected, so that the system as a whole remains highly available and obstinately robust in the presence of the inevitable attacks - which accompany distribution of valuable content. Thus the role of software protection is to create applications which are stubbornly reliable in an increasingly hostile environment.
Many real life and modern server-client application systems - wireless systems, DRM systems, on-line banking systems, on-line shopping systems, and conditional access systems for cable or satellite - are highly attractive subjects for White-Box attackers since the client sides of such systems are typically homogeneous and distributed over a very large customer base: i.e., these systems make the attack surface extremely large. As the value of services deployed on such systems grows, so does their attraction as targets for hackers. Thus security against White-Box Man-at-the-End attacks is becoming absolutely essential to the successful deployment of such systems.
Short-Bio of Yuan Xiang Gu
Mr. Yuan Xiang Gu was the co-founder of Cloakware Corporation. And he has worked in several senior management positions of the company including the VP of Software Operation, VP of Technology Development and VP of Engineering since then.
Mr. Gu is a co-inventor of world leading edge software security and protection technology and he and his co-inventors are pioneers who created a brand new emerging software security and protection field and industry in the world. As a chief architect of Cloakware, Mr. Gu is responsible for Cloakware product architectures as well as technology development and evolution.
In 2007, Cloakware was acquired by Irdeto who penetrated China market over decade. Since then, as a senior director, Mr. Gu is also leading Cloakware Advanced Research Center to focus on the development of next generation Cloakware technology, and research collaboration with research communities worldwide including China.
Cloakware technology and products provides trusted security software and services to top-tier companies to protect their core digital assets that create revenue-generating business models. By keeping their core digital assets “cloaked” throughout creation, distribution and consumption, companies can protect their existing business models and create new sources of revenue. Cloakware protects billions of digital assets across servers, desktops and embedded devices that are deployed worldwide using the proven software security and protection, and services. Cloakware is the security cornerstone of many of the world's largest, most recognizable and technologically advanced companies.
Cloakware successful technology and business are making Mr. Gu a well recognized expert on software security and protection. Recently years, Mr. Gu visited about 20 universities and research institutes around world and held over 40 seminars on Cloakware technology of software security and protection, and is promoting it as a new emerging technology and industry.
Prior to joining Cloakware, Mr. Gu has worked as a senior scientist and architect at Nortel Networks at Ottawa of Canada, focusing on object-oriented languages, software environment, compiler technology, intelligent network technologies, computer security and software protection. Previously, Mr. Gu was a visiting professor at the Computer Science School of McGill University at Montreal of Canada, where his research interests included language-oriented environment, and design and implementation of parallel languages and systems. Before relocated to Canada, Mr. Gu was a professor in the Computer Science Department at Northwest University in China for 14 years, where he worked on software engineering, programming languages, compilers, operating systems and artificial intelligence.
Wed. 19th of May, 2:00 to 3:00 pm in the debugging room #BA3234
Jennifer Horkoff, Analyzing Goal Models – Different Approaches and How to Choose Among Them
Note: This is not a practice talk, it is an informal work in progress talk. I'm turning a rejected RE paper into an REJ paper and would appreciate some group feedback on a few issues.
Abstract:
Goal models have been found to be useful for understanding the motivations behind system requirements. Although the construction of goal models can be useful for communication, requirements elicitation, and decision making; one of the key benefits of such models is the ability to apply explicit analysis procedures, extending the benefits of the modeling process. Various types of analysis over goal models have been proposed, for example: propagating goal satisfaction values, computing metrics over models, finding acceptable models using planning algorithms, simulating model behavior, and checking formal properties over a model. Given the great diversity of analysis methods, how does one choose which method to use in practice? In this work we survey the major approaches, including their notational expressiveness, and the information needed to perform the analysis. Through our survey, we enumerate the perceived benefits of goal model analysis in the requirements process. A detailed comparison of procedures propagating goal satisfaction is provided. Using the list of benefits, an initial set of to aid users of goal models in choosing among available analysis methods guidelines is provided. We apply these guidelines to several examples from the literature.
May 13, 3pm (tentative) in the debugging room #BA3234
Margit Schwab, University of Vienna, Austria, Strategy and Performance-Management: The Balanced Scorecard Approach in ADOxx
The Balanced Scorecard is a management concept for strategic performance management which is characterized by its branch-independency by assigning strategic and operative goals to a balanced set of perspectives. By consequently deriving operative goals and key figures from vision and strategies, the balanced scorecard supports the operationalisation of corporate strategy.
The tool ADOscore supports the measurement and dynamic controlling of Corporate Performance. On one hand, strategic methods such as the Balanced Scorecard are used to achieve a consistent strategic alignment. On the other hand, ADOscore is designed for Performance Management scenarios that focus on controlling defined or planned corporate processes.
The talk will give a brief introduction in the appliaction ADOscore and the realization of the BSC Management Concept on the ADOxx platform.
Margit joined the team at the University of Vienna, Dept. of Knowledge and Business Engineering at the beginning of the winter term 2008 as a doctoral student of business informatics. During her professional career with the BOC Information Technologies Consulting Group, she could gain project experience in the area of process management in the financial industry with a main focus on insurance and reinsurance. Due to her process and subject matter knowledge in this area – she was in charge for the company’s reference process library. Besides her international project experiences, the current research topics are in the fields of quality & risk management, process sourcing & strategic aspects of process design, change management and process-based compliance management.
May 10th, 2pm, in the debugging room #BA3234
Dominik Schmitz, RWTH Aachen University
Agent Instantiation in i*
Abstract. The talk will report on the investigation of the details of AGENT instantiation in i*. After reviewing the available constructs, we discuss potential problems and shortcomings. A focus will be on the clarification of how the individuality of an AGENT shapes the ROLES (POSITIONS) it PLAYS (OCCUPIES, respectively). This becomes in particular (but not only!) relevant, when i* is used to model AGENTS to enable agent-based simulations. We then present a proposal to overcome the identified shortcomings by clearly separating between the more abstract ROLE-based modeling and AGENT instantiation and by allowing for the introduction of domain-specific instantiation parameters. The proposal dedicatedly refers to i*'s foundation in the knowledge representation language Telos. The applicability is documented in a traditional requirements engineering project (in the field of control system development) as well as in agent-based simulations in the context of entrepreneurship.
Dominik Schmitz received his diploma in computer science from RWTH Aachen University, Germany, in 2003. He then joined the Graduate School 643 "Software for Mobile Communication Systems," also at RWTH Aachen University, where he worked on agent technology, requirements engineering, and simulations in interorganizational networks. From 2006 to 2009 he was at the Fraunhofer Institute for Applied Information Technology, working on an interdisciplinary project that aims at integrating the model-based approaches within software and automatic control engineering. In 2009 he returned to the Information Systems Group at RWTH Aachen to complete his Ph.D. thesis. He has published about fifteen scientific papers.
Friday May 7, 3:30-4:30pm, BA3234
Daneile Barone & Lei Jiang, University of Toronto
Conceptual Models for Governance: The Business Intelligence Model
Paper co-authored with John Mylopoulos and Daniel Amyot
Abstract. Business Intelligence (BI) consists of a range of technologies intended to assist large organizations in determining the state and quality of their operations. BI activities are meaningful in the context of a business organization and its objectives, strategies and tactics, as well as a broader (external) context involving regulations, competitors, customers, markets, etc. This business context (internal and external) defines the effectiveness of business processes, and the things to monitor to ensure that business objectives are being met and regulations and policies are complied with. The Business Intelligence Model (BIM) provides a set of constructs for modeling and analyzing a business context consisting of intentions, situations, processes, actors, influences, key performance indicators, and more. It is intended to support the modeling and analysis of a business organization at both a strategic and a tactical level. BIM schemas can be used for governance activities, including analysis, monitoring and auditing. This paper presents some of the main innovations of BIM, including its primitive concepts, its structuring mechanisms, analysis examples, as well as an overview of an illustrative case study.
Thursday, May 6th, 3:00 pm in the debugging room #BA3234 (note 3 talks on the same day)
This is a practice talk for RCIS (Fourth International Conference on Research Challenges in Information Science)
Abstract. The heavy reliance on the human factor in agile methods poses new challenges for organizations intent on adopting them. Improper role assignment, neglected team dependencies, and overlooked required skills have all been reported as reasons for failures during the introduction of an agile method. Current process modelling languages are not designed for describing or analyzing such human-related issues, and thus, provide little assistance to organizations in the process of adopting an agile method. This paper advocates the use of goal-oriented modeling techniques for depicting social aspects of agile methods. These social models can be used to identify the key factors that contribute to the success or failure of an agile method, thus providing guidance early during the introduction of the method in an organization. The approach is illustrated using the Scrum process.
This is a practice talk for CAiSE (The 22nd International Conference on Advanced Information Systems Engineering)
Abstract. Despite advances in situational method engineering, many software organizations continue to adopt an ad-hoc mix of method fragments from well-known development methods such as Scrum or XP, based on their perceived suitability to project or organizational needs. With the increasing availability of empirical evidence on the success or failure of various software development methods and practices under different situational conditions, it now becomes feasible to make this evidence base systematically accessible to practitioners so that they can make informed decisions when creating situational methods for their organizations. This paper proposes a framework for evaluating the suitability of candidate method fragments prior to their adoption in software projects. The framework makes use of collected knowledge about how each method fragment can contribute to various project objectives, and what requisite conditions must be met for the fragment to be applicable. Pre-constructed goal models for the selected fragments are retrieved from a repository, merged, customized with situational factors, and then evaluated using a qualitative evaluation procedure adapted from goal-oriented requirements engineering.
This is a practice talk for iStar 2010 (Fourth International i* Workshop)
Abstract. This paper introduces a variant of the i* Strategic Dependency (SD) model, called Itemized Strategic Dependency (ISD). The goal of introducing ISDs was to use a simplified version of SD diagrams to facilitate knowledge elicitation from stakeholders during requirements and process engineering. We used ISD models during the early stages of a software process improvement initiative in one of R&D organizations at Ericsson Italy. In this paper, we explain how ISDs helped us to elicit the knowledge of organizational actors, and to reveal the hidden problems of the software development process.
Tuesday, December 15th, 2:00 pm in the debugging room #BA3234 (the talk would be 20-30minutes)
This talk outlines the goals and results of my recent study of software testing techniques. Primary focus will be on the differences (and similarities) in productivity and approach between developers of widely varying experience levels as they write suites of unit tests.
Wednesday, November 18th, 2pm to 4pm in the debugging room
Sofia Passova (CEO, President and Founder) of StereoLogic will come and give a demo of their business process discovery tool. They will discuss some of the problems they could potentially collaborate on with university researchers. They have some interesting business process model presentation issues and collaboration challenges which might be of interest to the group. It will be an informal discussion about interesting challenges and ideas coming out of their technology and demo.
Friday, September 25th, 3pm in the debugging room #BA3234 (the talk would be 20-30minutes)
The talk will focus on the results of the questionnaire I conducted this summer.
The goal of our research is to categorize the views of scientists on the topics of reproducibility, credibility, scooping, data sharing, results sharing, and the effectiveness of the peer review process.
Monday June 22, 2pm, room #BA3234 (Debugging Room)
The talk outlines the transfer of the i* Method to the ADOxx v1.0 Meta-Modelling Platform. We, the Dept. of Knowledge and Business Engineering (DKE) at the University of Vienna, denote such a transfer “conceptualization” as we think it is not a linear implementation in an arbitrary platform. The necessary steps of this conceptualization of a given, predefined method on ADOxx v1.0 will be presented. In addition the used platform provides “a set of” basic functionality which is available for all implementations realized for the platform, e.g. analysis queries or reports. The talk is intended to be a “status report” of the i* Method conceptualization in ADOxx v1.0 at this stage. ADOxx v1.0 is an application provided by the DKE. It is a development platform for designing methods for conceptual modelling based on a meta-modelling concept. Due to its open and flexible approach the platform is highly adaptable. Once a meta-model or method is defined, a separate application with an easy to use interface allows the user to capture the required knowledge in form of models as instances of the formally defined meta-model.
Margit joined the team at the University of Vienna, Dept. of Knowledge and Business Engineering at the beginning of the winter term 2008 as a doctoral student of business informatics.
During her professional career with the BOC Information Technologies Consulting Group, she could gain project experience in the area of process management in the financial industry with a main focus on insurance and reinsurance. Due to her process and subject matter knowledge in this area – she was in charge for the company’s reference process library. Besides her international project experiences, the current research topics are in the fields of quality & risk management, process sourcing & strategic aspects of process design, change management and process-based compliance management.
This session is a call to action. What can we, as software engineers, do to help tackle the challenge of climate change (besides reducing our personal carbon footprints)? The session will review recent results from climate science, showing how big the challenge is. We will then identify ways in which software engineering tools and techniques can help. The goal is to build a research agenda and a community of software engineering researchers willing to pursue it.
The ICSE organisers have worked hard this year to make the conference “greener” - to reduce our impact on the environment. This is partly in response to the growing worldwide awareness that we need to take more care of the natural environment. But it is also driven by a deeper and more urgent concern.
During this century, we will have to face up to a crisis that will make the current economic turmoil look like a walk in the park. Climate change is accelerating, confirming the more pessimistic of scenarios identified by climate scientists [1]. Its effects will touch everything, including the flooding of low-lying lands and coastal cities, the disruption of fresh water supplies for much of the world, the loss of agricultural lands, more frequent and severe extreme weather events, mass extinctions, and the destruction of entire ecosystems [2].
And there