发布求助
文献互助 智能选刊 最新文献

2014 IEEE 22nd International Requirements Engineering Conference (RE)最新文献

筛选
英文 中文
Efficient visual notations for efficient stakeholder communication 有效的可视化符号用于有效的利益相关者沟通
2014 IEEE 22nd International Requirements Engineering Conference (RE) Pub Date : 2014-09-29 DOI: 10.1109/RE.2014.6912281
R. Laue, F. Hogrebe, Boris Böttcher, Markus Nüttgens
{"title":"Efficient visual notations for efficient stakeholder communication","authors":"R. Laue, F. Hogrebe, Boris Böttcher, Markus Nüttgens","doi":"10.1109/RE.2014.6912281","DOIUrl":"https://doi.org/10.1109/RE.2014.6912281","url":null,"abstract":"The visual syntax of modelling languages can support (or impede) the intuitive understandability of a model. We observed the process of problem solving with two notation variants of i* diagrams by means of an eye-tracking device. The number of wrongly answered questions was significantly lower when the alternative i* notation suggested by Moody et al. was used. For the eye-tracking metrics “time to solve a task” and “number of eye fixations”, no such significant result can be given. Furthermore, we identified a deficiency for the “dependency” symbol in the alternative notation.","PeriodicalId":307764,"journal":{"name":"2014 IEEE 22nd International Requirements Engineering Conference (RE)","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-09-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123856399","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Maintaining requirements for long-living software systems by incorporating security knowledge 通过整合安全知识来维护长寿软件系统的需求
2014 IEEE 22nd International Requirements Engineering Conference (RE) Pub Date : 2014-09-29 DOI: 10.1109/RE.2014.6912252
Stefan Gärtner, Thomas Ruhroth, J. Bürger, K. Schneider, J. Jürjens
{"title":"Maintaining requirements for long-living software systems by incorporating security knowledge","authors":"Stefan Gärtner, Thomas Ruhroth, J. Bürger, K. Schneider, J. Jürjens","doi":"10.1109/RE.2014.6912252","DOIUrl":"https://doi.org/10.1109/RE.2014.6912252","url":null,"abstract":"Security is an increasingly important quality facet in modern information systems and needs to be retained. Due to a constantly changing environment, long-living software systems “age” not by wearing out, but by failing to keep up-to-date with their environment. The problem is that requirements engineers usually do not have a complete overview of the security-related knowledge necessary to retain security of long-living software systems. This includes security standards, principles and guidelines as well as reported security incidents. In this paper, we focus on the identification of known vulnerabilities (and their variations) in natural-language requirements by leveraging security knowledge. For this purpose, we present an integrative security knowledge model and a heuristic method to detect vulnerabilities in requirements based on reported security incidents. To support knowledge evolution, we further propose a method based on natural language analysis to refine and to adapt security knowledge. Our evaluation indicates that the proposed assessment approach detects vulnerable requirements more reliable than other methods (Bayes, SVM, k-NN). Thus, requirements engineers can react faster and more effectively to a changing environment that has an impact on the desired security level of the information system.","PeriodicalId":307764,"journal":{"name":"2014 IEEE 22nd International Requirements Engineering Conference (RE)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-09-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123444478","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 23
Hidden in plain sight: Automatically identifying security requirements from natural language artifacts 隐藏在显而易见的地方:从自然语言工件自动识别安全需求
2014 IEEE 22nd International Requirements Engineering Conference (RE) Pub Date : 2014-09-29 DOI: 10.1109/RE.2014.6912260
M. Riaz, J. King, John Slankas, L. Williams
{"title":"Hidden in plain sight: Automatically identifying security requirements from natural language artifacts","authors":"M. Riaz, J. King, John Slankas, L. Williams","doi":"10.1109/RE.2014.6912260","DOIUrl":"https://doi.org/10.1109/RE.2014.6912260","url":null,"abstract":"Natural language artifacts, such as requirements specifications, often explicitly state the security requirements for software systems. However, these artifacts may also imply additional security requirements that developers may overlook but should consider to strengthen the overall security of the system. The goal of this research is to aid requirements engineers in producing a more comprehensive and classified set of security requirements by (1) automatically identifying security-relevant sentences in natural language requirements artifacts, and (2) providing context-specific security requirements templates to help translate the security-relevant sentences into functional security requirements. Using machine learning techniques, we have developed a tool-assisted process that takes as input a set of natural language artifacts. Our process automatically identifies security-relevant sentences in the artifacts and classifies them according to the security objectives, either explicitly stated or implied by the sentences. We classified 10,963 sentences in six different documents from healthcare domain and extracted corresponding security objectives. Our manual analysis showed that 46% of the sentences were security-relevant. Of these, 28% explicitly mention security while 72% of the sentences are functional requirements with security implications. Using our tool, we correctly predict and classify 82% of the security objectives for all the sentences (precision). We identify 79% of all security objectives implied by the sentences within the documents (recall). Based on our analysis, we develop context-specific templates that can be instantiated into a set of functional security requirements by filling in key information from security-relevant sentences.","PeriodicalId":307764,"journal":{"name":"2014 IEEE 22nd International Requirements Engineering Conference (RE)","volume":"169 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-09-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131894983","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 71
Supporting traceability through affinity mining 通过关联挖掘支持可追溯性
2014 IEEE 22nd International Requirements Engineering Conference (RE) Pub Date : 2014-09-29 DOI: 10.1109/RE.2014.6912256
V. Gervasi, D. Zowghi
{"title":"Supporting traceability through affinity mining","authors":"V. Gervasi, D. Zowghi","doi":"10.1109/RE.2014.6912256","DOIUrl":"https://doi.org/10.1109/RE.2014.6912256","url":null,"abstract":"Traceability among requirements artifacts (and beyond, in certain cases all the way to actual implementation) has long been identified as a critical challenge in industrial practice. Manually establishing and maintaining such traces is a high-skill, labour-intensive job. It is often the case that the ideal person for the job also has other, highly critical tasks to take care of, so offering semi-automated support for the management of traces is an effective way of improving the efficiency of the whole development process. In this paper, we present a technique to exploit the information contained in previously defined traces, in order to facilitate the creation and ongoing maintenance of traces, as the requirements evolve. A case study on a reference dataset is employed to measure the effectiveness of the technique, compared to other proposals from the literature.","PeriodicalId":307764,"journal":{"name":"2014 IEEE 22nd International Requirements Engineering Conference (RE)","volume":"53 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-09-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133686071","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 29
An Approach for Decision Support on the Uncertainty in Feature Model Evolution 特征模型演化不确定性下的决策支持方法
2014 IEEE 22nd International Requirements Engineering Conference (RE) Pub Date : 2014-09-29 DOI: 10.1109/RE.2014.6912251
L. M. Tran, F. Massacci
{"title":"An Approach for Decision Support on the Uncertainty in Feature Model Evolution","authors":"L. M. Tran, F. Massacci","doi":"10.1109/RE.2014.6912251","DOIUrl":"https://doi.org/10.1109/RE.2014.6912251","url":null,"abstract":"Software systems could be seen as a hierarchy of features which are evolving due to the dynamic of the working environments. The companies who build software thus need to make an appropriate strategy, which takes into consideration of such dynamic, to select features to be implemented. In this work, we propose an approach to facilitate such selection by providing a means to capture the uncertainty of evolution in feature models. We also provide two analyses to support the decision makers. The approach is exemplified in the Smart Grid scenario.","PeriodicalId":307764,"journal":{"name":"2014 IEEE 22nd International Requirements Engineering Conference (RE)","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-09-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123847089","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
Building a National E-Service using Sentire experience report on the use of Sentire: A volere-based requirements framework driven by calibrated personas and simulated user feedback 使用senite构建一个国家电子服务:使用senite的经验报告:一个基于志愿者的需求框架,由校准的人物角色和模拟的用户反馈驱动
2014 IEEE 22nd International Requirements Engineering Conference (RE) Pub Date : 2014-09-29 DOI: 10.1109/RE.2014.6912288
C. Porter, Emmanuel Letier, M. Sasse
{"title":"Building a National E-Service using Sentire experience report on the use of Sentire: A volere-based requirements framework driven by calibrated personas and simulated user feedback","authors":"C. Porter, Emmanuel Letier, M. Sasse","doi":"10.1109/RE.2014.6912288","DOIUrl":"https://doi.org/10.1109/RE.2014.6912288","url":null,"abstract":"User experience (UX) is difficult to quantify and thus more challenging to require and guarantee. It is also difficult to gauge the potential impact on users' lived experience, especially at the earlier stages of the development life cycle, particularly before hi fidelity prototypes are developed. We believe that the enrolment process is a major hurdle for e-government service adoption and badly designed processes might result in negative repercussions for both the policy maker and the different user groups involved; non-adoption and resentment are two risks that may result in low return on investment (ROI), lost political goodwill and ultimately a negative lived experience for citizens. Identity assurance requirements need to balance out the real value of the assets being secured (risk) with the user groups' acceptance thresholds (based on a continuous cost-benefit exercise factoring in cognitive and physical workload). Sentire is a persona-centric requirements framework built on and extending the Volere requirements process with UX-analytics, reusable user behavioural models and simulated user feedback through calibrated personas. In this paper we present a story on how Sentire was adopted in the development of a national public-facing e-service. Daily journaling was used throughout the project and a custom built cloud-based CASE tool was used to manage the whole process. This paper outlines our experiences and lessons learnt.","PeriodicalId":307764,"journal":{"name":"2014 IEEE 22nd International Requirements Engineering Conference (RE)","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-09-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126461060","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
Scaling requirements extraction to the crowd: Experiments with privacy policies 向人群扩展需求提取:隐私策略实验
2014 IEEE 22nd International Requirements Engineering Conference (RE) Pub Date : 2014-09-29 DOI: 10.1109/RE.2014.6912258
T. Breaux, F. Schaub
{"title":"Scaling requirements extraction to the crowd: Experiments with privacy policies","authors":"T. Breaux, F. Schaub","doi":"10.1109/RE.2014.6912258","DOIUrl":"https://doi.org/10.1109/RE.2014.6912258","url":null,"abstract":"Natural language text sources have increasingly been used to develop new methods and tools for extracting and analyzing requirements. To validate these new approaches, researchers rely on a small number of trained experts to perform a labor-intensive manual analysis of the text. The time and resources needed to conduct manual extraction, however, has limited the size of case studies and thus the generalizability of results. To begin to address this issue, we conducted three experiments to evaluate crowdsourcing a manual requirements extraction task to a larger number of untrained workers. In these experiments, we carefully balance worker payment and overall cost, as well as worker training and data quality to study the feasibility of distributing requirements extraction to the crowd. The task consists of extracting descriptions of data collection, sharing and usage requirements from privacy policies. We present results from two pilot studies and a third experiment to justify applying a task decomposition approach to requirements extraction. Our contributions include the task decomposition workflow and three metrics for measuring worker performance. The final evaluation shows a 60% reduction in the cost of manual extraction with a 16% increase in extraction coverage.","PeriodicalId":307764,"journal":{"name":"2014 IEEE 22nd International Requirements Engineering Conference (RE)","volume":"31 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-09-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129392238","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 67
Context-sensitive Information security Risk identification and evaluation techniques 上下文敏感的信息安全风险识别和评估技术
2014 IEEE 22nd International Requirements Engineering Conference (RE) Pub Date : 2014-09-29 DOI: 10.1109/RE.2014.6912303
D. Ionita
{"title":"Context-sensitive Information security Risk identification and evaluation techniques","authors":"D. Ionita","doi":"10.1109/RE.2014.6912303","DOIUrl":"https://doi.org/10.1109/RE.2014.6912303","url":null,"abstract":"The objective of my research is to improve and support the process of Information security Risk Assessment by designing a scalable Risk argumentation framework for socio-digital-technical Risk. Due to the various types of IT systems, diversity of architectures and dynamic nature of Risk, there is no one-size-fits all RA method. As such, the research hopes to identify guidelines for conducting Risk Assessments in contexts that raise special challenges such as Telecom and virtualized infrastructures. Finally, it will suggest ways of qualitatively and quantitatively evaluating Information Security Risks in such scenarios by using argumentation and/or modelling attacker business cases.","PeriodicalId":307764,"journal":{"name":"2014 IEEE 22nd International Requirements Engineering Conference (RE)","volume":"357 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-09-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132965687","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Goal-oriented compliance with multiple regulations 以目标为导向,遵守多个法规
2014 IEEE 22nd International Requirements Engineering Conference (RE) Pub Date : 2014-09-29 DOI: 10.1109/RE.2014.6912249
S. Ghanavati, André Rifaut, E. Dubois, Daniel Amyot
{"title":"Goal-oriented compliance with multiple regulations","authors":"S. Ghanavati, André Rifaut, E. Dubois, Daniel Amyot","doi":"10.1109/RE.2014.6912249","DOIUrl":"https://doi.org/10.1109/RE.2014.6912249","url":null,"abstract":"Most systems and business processes in organizations need to comply with more than one law or regulation. Different regulations can partially overlap (e.g., one can be more detailed than the other) or even conflict with each other. In addition, one regulation can permit an action whereas the same action in another regulation might be mandatory or forbidden. In each of these cases, an organization needs to take different strategies. This paper presents an approach to handle different situations when comparing and attempting to comply with multiple regulations as part of a goal-oriented modeling framework named LEGAL-URN. This framework helps organizations find suitable trade-offs and priorities when complying with multiple regulations while at the same time trying to meet their own business objectives. The approach is illustrated with a case study involving a Canadian health care organization that must comply with four laws related to privacy, quality of care, freedom of information, and care consent.","PeriodicalId":307764,"journal":{"name":"2014 IEEE 22nd International Requirements Engineering Conference (RE)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-09-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129371666","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 42
How Do Users Like This Feature? A Fine Grained Sentiment Analysis of App Reviews 用户喜欢这个功能吗?应用评论的细粒度情感分析
2014 IEEE 22nd International Requirements Engineering Conference (RE) Pub Date : 2014-09-29 DOI: 10.1109/RE.2014.6912257
Emitzá Guzmán, W. Maalej
{"title":"How Do Users Like This Feature? A Fine Grained Sentiment Analysis of App Reviews","authors":"Emitzá Guzmán, W. Maalej","doi":"10.1109/RE.2014.6912257","DOIUrl":"https://doi.org/10.1109/RE.2014.6912257","url":null,"abstract":"App stores allow users to submit feedback for downloaded apps in form of star ratings and text reviews. Recent studies analyzed this feedback and found that it includes information useful for app developers, such as user requirements, ideas for improvements, user sentiments about specific features, and descriptions of experiences with these features. However, for many apps, the amount of reviews is too large to be processed manually and their quality varies largely. The star ratings are given to the whole app and developers do not have a mean to analyze the feedback for the single features. In this paper we propose an automated approach that helps developers filter, aggregate, and analyze user reviews. We use natural language processing techniques to identify fine-grained app features in the reviews. We then extract the user sentiments about the identified features and give them a general score across all reviews. Finally, we use topic modeling techniques to group fine-grained features into more meaningful high-level features. We evaluated our approach with 7 apps from the Apple App Store and Google Play Store and compared its results with a manually, peer-conducted analysis of the reviews. On average, our approach has a precision of 0.59 and a recall of 0.51. The extracted features were coherent and relevant to requirements evolution tasks. Our approach can help app developers to systematically analyze user opinions about single features and filter irrelevant reviews.","PeriodicalId":307764,"journal":{"name":"2014 IEEE 22nd International Requirements Engineering Conference (RE)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-09-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128960704","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 552
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信