ABSTRACT
Software systems enable performing today's complex business processes. Considering trustworthiness requirements in accordance to trust concerns of the end-users during the development of software systems is a critical issue. Particularly challenging are the cross-disciplinary factors that affect trust of the end-users. Furthermore, expertise in domain and requirements analysis are also required. The problem is even more complex considering current advances in technologies like cloud computing, because of the high distribution, huge amounts of data flows, and a large number of involved participants. It is essential for building a trustworthy software system to elicit and analyze trustworthiness requirements. Documenting these trustworthiness requirements along the other requirements that can achieve the construction of a trustworthy system requires eliciting and documenting the trustworthiness-related domain knowledge.
Using goal and business process models, gained domain knowledge can be refined into functional or non-functional requirements for software development which contribute to the trustworthiness of the system under development. Our pattern-based approach helps to systematically refine and document the functional as well as non-functional requirements that satisfy the identified trustworthiness goals. In this paper, we develop patterns to aid the documentation of trustworthiness requirements. The provided patterns are used during the requirement engineering phase to support the requirements engineer in documenting trustworthiness requirements by using linguistic templates. Using our patterns, end-users are also supported in expressing their requirements (trust concern identification pattern) and understanding which problems exist and how the problems are addressed (trustworthiness requirement pattern). These patterns yield insights into the relevant trustworthiness requirements that address the corresponding trust concerns. The application of the introduced patterns helps the requirements engineer during the trustworthiness requirement documentation in an unambiguous, understandable, traceable and verifiable way. We illustrate the patterns by applying it on an application example from an ambient assisted living domain.
- Alebrahim, A., Heisel, M., and Meis, R. 2014. Computational Science and Its Applications - ICCSA 2014: 14th International Conference, Guimarães, Proceedings. Springer International Publishing, Chapter A Structured Approach for Eliciting, Modeling, and Using Quality-Related Domain Knowledge, 370--386.Google Scholar
- Avancha, S., Baxi, A., and Kotz, D. 2012. Privacy in Mobile Technology for Personal Healthcare. ACM Comput. Surv. 45, 1, 3:1--3:54. Google ScholarDigital Library
- Beckers, K., Fassbender, S., and Heisel, M. 2015. A Meta-model for Context-patterns. In Proceedings of the 18th European Conference on Pattern Languages of Program. EuroPLoP '13. ACM, New York, NY, USA, 5:1--5:15. Google ScholarDigital Library
- Beckers, K., Fa, S., Heisel, M., and Suppan, S. 2014. A Meta-pattern and Pattern Form for Context-patterns. In Proceedings of the 19th European Conference on Pattern Languages of Programs. EuroPLoP '14. ACM, New York, NY, USA, 5:1--5:23. Google ScholarDigital Library
- Buschmann, F., Henney, K., and C. Schmidt, D. 2007. Pattern-Oriented Software Architecture - Volume 5: On Patterns and Pattern Languages. Wiley Publishing. Google ScholarDigital Library
- da Silva, A. R., Savić, D., Vlajić, S., Antović, I., Lazarević, S., Stanojević, V., and Milić, M. 2015. A Pattern Language for Use Cases Specification. In Proceedings of the 20th European Conference on Pattern Languages of Programs. EuroPLoP '15. ACM, New York, NY, USA, 8:1--8:18. Google ScholarDigital Library
- del Ro-Ortega, A., Resinas Arias de Reyna, M., Durn Toro, A., and Ruiz-Corts, A. 2012. Defining Process Performance Indicators by Using Templates and Patterns. In Business Process Management. Lecture Notes in Computer Science Series, vol. 7481. Springer, 223--228. Google ScholarDigital Library
- Gol Mohammadi, N., Bandyszak, T., Goldsteen, A., Kalogiros, C., Weyer, T., Moffie, M., Nasser, B. I., and Surridge, M. 2015. Combining Risk-Management and Computational Approaches for Trustworthiness Evaluation of Socio-Technical Systems. In Proc. of the CAiSE Forum. 237--244.Google Scholar
- Gol Mohammadi, N. and Heisel, M. 2016a. Enhancing business process models with trustworthiness requirements. In Trust Management X - 10th IFIP WG 11.11 International Conference, IFIPTM 2016, Darmstadt, Germany, July 18--22, 2016, Proceedings. 33--51.Google Scholar
- Gol Mohammadi, N. and Heisel, M. 2016b. A framework for systematic analysis and modeling of trustworthiness requirements using i* and BPMN. In Trust, Privacy and Security in Digital Business - 13th International Conference, TrustBus 2016, Porto, Portugal, September 7--8, 2016, Proceedings. 3--18.Google Scholar
- Gol Mohammadi, N., Paulus, S., Bishr, M., Metzger, A., Knnecke, H., Hartenstein, S., Weyer, T., and Pohl, K. 2013. Trustworthiness Attributes and Metrics for Engineering Trusted Internet-Based Software Systems. In Cloud Computing and Services Science - 3rd Int. Conf., CLOSER, Revised Selected Papers. Springer, 19--35.Google Scholar
- Gritzalis, S. 2004. Enhancing Privacy and Data Protection in Electronic Medical Environments. Journal of Medical Systems 28, 6, 535--547. Google ScholarDigital Library
- Grosskopf, A., Decker, G., and Weske, M. 2009. The Process: Business Process Modeling using BPMN. Meghan Kiffer Press.Google Scholar
- Leino-Kilpi, H., Vlimki, M., Dassen, T., Gasull, M., Lemonidou, C., Scott, A., and Arndt, M. 2001. Privacy: A Review of the Literature. Int. Journal of Nursing Studies 38, 6, 663 -- 671.Google ScholarCross Ref
- Lepak, David P., S. K. G. and Taylor, M. S. 2007. Introduction to Special Topic Forum: Value Creation and Value Capture: A Multilevel Perspective. In The Academy of Management Review. Academy of Management, 180--194.Google Scholar
- Mei, H., Huang, G., and Xie, T. 2012. Internetware: A Software Paradigm for Internet Computing. Computer 45, 6, 26--31. Google ScholarDigital Library
- Meland, P. H., Bernsmed, K., Jaatun, M. G., Castejón, H. N., and Undheim, A. 2014. Expressing cloud security requirements for SLAs in deontic contract languages for cloud brokers. IJCC 3, 1, 69--93.Google ScholarCross Ref
- Pohl, K. 2010. Requirements Engineering: Fundamentals, Principles, and Techniques 1st Ed. Springer. Google ScholarDigital Library
- Sztompka, P. 2000. Trust: A Sociological Theory. Cambridge, UK: Cambridge University Press.Google Scholar
- Withall, S. 2007. Software Requirement Patterns First Ed. Microsoft Press, Redmond, WA, USA. Google ScholarDigital Library
Index Terms
- Patterns for identification of trust concerns and specification of trustworthiness requirements
Recommendations
Trustworthiness Requirements: The Pix Case Study
Conceptual ModelingAbstractThe advent of socio-technical, cyber-physical and artificial intelligence systems has broadened the scope of requirements engineering, which must now deal with new classes of requirements, concerning ethics, privacy and trust. This brings new ...
Trust in requirements elicitation: how does it build, and why does it matter to requirements engineers?
SAC '17: Proceedings of the Symposium on Applied ComputingElicitation is a process during Requirements Engineering (RE) which intends to identify requirements and information about a system and its domain. It relies heavily on communications and interactions between engineers and stakeholders. One significant ...
An agile requirements elicitation approach based on NFRs and business process models for micro-businesses
Profes '11: Proceedings of the 12th International Conference on Product Focused Software Development and Process ImprovementSoftware empowers micro-businesses to be more competitive - be it accounting software, point-of-sales software, e-commerce software, and the like. Before having such software, micro-businesses must express their requirements properly to the software ...
Comments