Conference Paper

Requirements-Aware Systems: A Research Agenda for RE for Self-adaptive Systems.

Comput. Dept., Lancaster Univ., Lancaster, UK
DOI: 10.1109/RE.2010.21 Conference: RE 2010, 18th IEEE International Requirements Engineering Conference, Sydney, New South Wales, Australia, September 27 - October 1, 2010
Source: DBLP

ABSTRACT Requirements are sensitive to the context in which the system-to-be must operate. Where such context is well understood and is static or evolves slowly, existing RE techniques can be made to work well. Increasingly, however, development projects are being challenged to build systems to operate in contexts that are volatile over short periods in ways that are imperfectly understood. Such systems need to be able to adapt to new environmental contexts dynamically, but the contextual uncertainty that demands this self-adaptive ability makes it hard to formulate, validate and manage their requirements. Different contexts may demand different requirements trade-offs. Unanticipated contexts may even lead to entirely new requirements. To help counter this uncertainty, we argue that requirements for self-adaptive systems should be run-time entities that can be reasoned over in order to understand the extent to which they are being satisfied and to support adaptation decisions that can take advantage of the systems' self-adaptive machinery. We take our inspiration from the fact that explicit, abstract representations of software architectures used to be considered design-time-only entities but computational reflection showed that architectural concerns could be represented at run-time too, helping systems to dynamically reconfigure themselves according to changing context. We propose to use analogous mechanisms to achieve requirements reflection. In this paper we discuss the ideas that support requirements reflection as a means to articulate some of the outstanding research challenges.


Available from: Nelly Bencomo, Jun 16, 2015
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: Self-adaptive access control, in which self-* properties are applied to protecting systems, is a promising solution for the handling of malicious user behaviour in complex infrastructures. A major challenge in self-adaptive access control is ensuring that chosen adaptations are valid, and produce a satisfiable model of access. The contribution of this paper is the generation, transformation and verification of Role Based Access Control (RBAC) models at run-time, as a means for providing assurances that the adaptations to be deployed are valid. The goal is to protect the system against insider threats by adapting at run-time the access control policies associated with system resources, and access rights assigned to users. Depending on the type of attack, and based on the models from the target system and its environment, the adapted access control models need to be evaluated against the RBAC metamodel, and the adaptation constraints related to the application. The feasibility of the proposed approach has been demonstrated in the context of a fully working prototype using malicious scenarios inspired by a well documented case of insider attack.
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: Self-adaptive software systems can adjust their behaviors at runtime to respond to the context changes. To operationalize the adaptive mechanism, feedback loops have been advocated in many works. However, most of existing works focus on the architecture design to realize the feedback loops. How to model the required feedback loops remains an issue. In this paper, we propose a problem oriented approach for this issue. This approach models the system composed by the self-adaptive software and its context as an adaptive control system which is equipped with two kinds of feedback loops: context-aware feedback loops and requirements-aware feedback loops. To model the feedback loops, we identify five classes of software problems to address the different concerns of the adaptive requirements behind the feedback loops. We illustrate our idea by applying it to a cruise control system.
    Proceedings of the 2012 19th Asia-Pacific Software Engineering Conference - Volume 01; 12/2012
  • Source