Visible to the public Biblio

Filters: Keyword is requirements elicitation  [Clear All Filters]
2020-01-21
Kaiya, Haruhiko, Muto, Ryoya, Nagano, Kaito, Yoshida, Mizuki.  2019.  Mutual Requirements Evolution by Combining Different Information Systems. Proceedings of the 23rd Pan-Hellenic Conference on Informatics. :159–162.
We propose a method of eliciting requirements for several different systems together. We focus on systems used by one user at the same time become such systems inherently give influences on with other. We expect such influences help a requirements analyst to be aware of unknown requirements of the user. Any modeling notations are used to explore the combination among systems causing such influences because the differences among the notations give diverse viewpoints to the analyst. To specify such mutual influences, we introduce semantic tags represented by stereo types. We also introduce other semantic tags so that the analyst can judge whether the combination brings advantages to the user. We apply our method to an example and we confirm the method works.
2018-02-15
Hibshi, H., Breaux, T. D..  2017.  Reinforcing Security Requirements with Multifactor Quality Measurement. 2017 IEEE 25th International Requirements Engineering Conference (RE). :144–153.

Choosing how to write natural language scenarios is challenging, because stakeholders may over-generalize their descriptions or overlook or be unaware of alternate scenarios. In security, for example, this can result in weak security constraints that are too general, or missing constraints. Another challenge is that analysts are unclear on where to stop generating new scenarios. In this paper, we introduce the Multifactor Quality Method (MQM) to help requirements analysts to empirically collect system constraints in scenarios based on elicited expert preferences. The method combines quantitative statistical analysis to measure system quality with qualitative coding to extract new requirements. The method is bootstrapped with minimal analyst expertise in the domain affected by the quality area, and then guides an analyst toward selecting expert-recommended requirements to monotonically increase system quality. We report the results of applying the method to security. This include 550 requirements elicited from 69 security experts during a bootstrapping stage, and subsequent evaluation of these results in a verification stage with 45 security experts to measure the overall improvement of the new requirements. Security experts in our studies have an average of 10 years of experience. Our results show that using our method, we detect an increase in the security quality ratings collected in the verification stage. Finally, we discuss how our proposed method helps to improve security requirements elicitation, analysis, and measurement.