Agile Requirements Evolution via
Paraconsistent ReasoningNeil A. Ernst
University of British Columbia@neilernst • [email protected] • neilernst.net
with: Alexander Borgida, John Mylopoulos and Ivan [email protected], [email protected],
[email protected] Thursday, 28 June, 12
Agile Requirements Evolution via
Paraconsistent ReasoningNeil A. Ernst
University of British Columbia@neilernst • [email protected] • neilernst.net
with: Alexander Borgida, John Mylopoulos and Ivan [email protected], [email protected],
page 382 of proceedings
Thursday, 28 June, 12
TakeawayWe need agile requirements models — that
can still be systematically analysed.
Thursday, 28 June, 12
TakeawayWe need agile requirements models — that
can still be systematically analysed.
• Motivation
Thursday, 28 June, 12
TakeawayWe need agile requirements models — that
can still be systematically analysed.
• Motivation• Formal representation of a requirements
problem as a knowledge base.
Thursday, 28 June, 12
TakeawayWe need agile requirements models — that
can still be systematically analysed.
• Motivation• Formal representation of a requirements
problem as a knowledge base.• How paraconsistent reasoning helps us
support dynamism.
Thursday, 28 June, 12
TakeawayWe need agile requirements models — that
can still be systematically analysed.
• Motivation• Formal representation of a requirements
problem as a knowledge base.• How paraconsistent reasoning helps us
support dynamism. • Evaluation, how this works in practice.
Thursday, 28 June, 12
Agility ...
time
Req
Devel.Test
Ops
Thursday, 28 June, 12
Agility ...
time
Req
Devel. TestOps
Thursday, 28 June, 12
Agility ...
time
Req
Devel. TestOps
Thursday, 28 June, 12
Agility ...
time
ReqDevel. Test
Ops
Thursday, 28 June, 12
Agility ...
time
ReqDevel. Test
Ops
Thursday, 28 June, 12
Requirements agility is constrained
Thursday, 28 June, 12
Requirements agility is constrained
Let’s add remote login
Thursday, 28 June, 12
Requirements agility is constrained
Let’s add remote login Security hole
Thursday, 28 June, 12
Requirements agility is constrained
Let’s add remote login Security hole
How about removing RSA?
Thursday, 28 June, 12
Requirements agility is constrained
Let’s add remote login Security hole
How about removing RSA?
Not back-compatible
Thursday, 28 June, 12
Requirements agility is constrained
Let’s add remote login Security hole
How about removing RSA?
Simplify account mgmt?
Not back-compatible
Thursday, 28 June, 12
Requirements agility is constrained
Let’s add remote login Security hole
How about removing RSA?
Simplify account mgmt?
Not back-compatible
Violates Sarbanes-Oxley
Thursday, 28 June, 12
Requirements agility is constrained
Let’s add remote login Security hole
How about removing RSA?
Simplify account mgmt?
Add COO’s pet feature?
Not back-compatible
Violates Sarbanes-Oxley
Thursday, 28 June, 12
Requirements agility is constrained
Let’s add remote login Security hole
How about removing RSA?
Simplify account mgmt?
Add COO’s pet feature?
Not back-compatible
Violates Sarbanes-Oxley
CEO hates COO
Thursday, 28 June, 12
Requirements agility means success
Thursday, 28 June, 12
Requirements agility means success
Thursday, 28 June, 12
“[the code] remained operational in Ariane 5 without satisfying any
(traceable) requirement.”Thursday, 28 June, 12
Thursday, 28 June, 12
Command Executionsedit.Delete 5.4 M
file.Save 4.3 Medit.Paste 3.8 Medit.Copy 2.4 M
ContentAssist.proposals 1.4 M
Thursday, 28 June, 12
Command Executionsedit.Delete 5.4 M
file.Save 4.3 Medit.Paste 3.8 Medit.Copy 2.4 M
ContentAssist.proposals 1.4 M
Data: Eclipse UPP, 200908, eclipse.ui, 3.5.0
Command Executionswindow.previousView 9
navigate.Back 69window.showViewMenu 89
window.previousPerspective 155window.previousEditor 166
Thursday, 28 June, 12
Requirements problems
Thursday, 28 June, 12
R R R
Requirements problems
Thursday, 28 June, 12
R R R
r r
Requirements problems
Thursday, 28 June, 12
R R R
r r
TT
TT
T
Requirements problems
Thursday, 28 June, 12
R R R
r r
TT
TT
T
Requirements problems
Thursday, 28 June, 12
R R R
r r
TT
TT
T
D D
Requirements problems
Thursday, 28 June, 12
R R R
r r
TT
TT
TT T
D D
Requirements problems
Thursday, 28 June, 12
R R R
r r
TT
TT
T
D D
Requirements problems
Thursday, 28 June, 12
R R R
r r
TT
TT
TT
D D
Requirements problems
Thursday, 28 June, 12
R R R
r r
TT
TT
TT T
D D
Requirements problems
Thursday, 28 June, 12
R R R
r r
TT
TT
T
D D
Requirements problems
Thursday, 28 June, 12
R R R
r r
RequirementsKnowledge Base
TT
TT
T
D D
Requirements problems
Thursday, 28 June, 12
Paraconsistency
Payment Card regs.
Thursday, 28 June, 12
Formalizing paraconsistency
• For the statement ‘requirement A conflicts with requirement B’ writeA ∧ B → ⊥
• Inconsistent when bottom (⊥) can be derived
• Often more ‘complete’ requirements are less consistent.
Thursday, 28 June, 12
Why paraconsistency?
taken from Nuseibeh et al. 2001Thursday, 28 June, 12
Why paraconsistency?• to facilitate distributed collaborative
working (viewpoints),
taken from Nuseibeh et al. 2001Thursday, 28 June, 12
Why paraconsistency?• to facilitate distributed collaborative
working (viewpoints),
taken from Nuseibeh et al. 2001
• to ensure all stakeholder views are taken into account,
Thursday, 28 June, 12
Why paraconsistency?
• to focus attention on problem areas [of the specification],
• to facilitate distributed collaborative working (viewpoints),
taken from Nuseibeh et al. 2001
• to ensure all stakeholder views are taken into account,
Thursday, 28 June, 12
Why paraconsistency?
• to focus attention on problem areas [of the specification],
• to prevent premature commitment to design decisions.
• to facilitate distributed collaborative working (viewpoints),
taken from Nuseibeh et al. 2001
• to ensure all stakeholder views are taken into account,
Thursday, 28 June, 12
Why paraconsistency?
• to focus attention on problem areas [of the specification],
• to facilitate distributed collaborative working (viewpoints),
• to prevent premature commitment to design decisions.
taken from Nuseibeh et al. 2001
• to ensure all stakeholder views are taken into account,
Thursday, 28 June, 12
Criteria for paraconsistent satisfaction
• Domain assumptions and refinements are consistent.
• Desired goals are internally consistent.
• Selected tasks are internally consistent.
Thursday, 28 June, 12
R R R
r r
TT
TT
T
D D
Thursday, 28 June, 12
R R R
r r
TT
TT
T
D D
Thursday, 28 June, 12
R R R
r r
TT
TT
T
D DD D
Thursday, 28 June, 12
R R R
r r
TT
TT
TT
D DD D
T
Thursday, 28 June, 12
R R R
r r
TT
TT
TT
D DD D
T
R
r
Thursday, 28 June, 12
What to do?
Thursday, 28 June, 12
What to do?1. Given goals, what minimal sets of tasks
satisfy them? (minimal goal achievement)
Thursday, 28 June, 12
What to do?1. Given goals, what minimal sets of tasks
satisfy them? (minimal goal achievement)
2. Given goals, and minimal task sets, what can we add to expand our consistent solution? (get candidate solutions)
Thursday, 28 June, 12
What to do?1. Given goals, what minimal sets of tasks
satisfy them? (minimal goal achievement)
2. Given goals, and minimal task sets, what can we add to expand our consistent solution? (get candidate solutions)
3. Other operations: bottom-up reasoning, costs, etc.
Thursday, 28 June, 12
Assign unique ID Use
existing h/w
Compensating control
8.1 prevent multiple logins
Log Access
Use SUDO Use centralized
ID
Use AS/400 servers
Minimal Goal Achievement
Thursday, 28 June, 12
Assign unique ID Use
existing h/w
Compensating control
8.1 prevent multiple logins
Log Access
Use SUDO Use centralized
ID
Use AS/400 servers
Minimal Goal Achievement
Thursday, 28 June, 12
Assign unique ID Use
existing h/w
Compensating control
8.1 prevent multiple logins
Log Access
Use SUDO Use centralized
ID
Use AS/400 servers
Minimal Goal Achievement
Use SUDO Log Access
Use AS/400 servers
Thursday, 28 June, 12
Assign unique ID Use
existing h/w
Compensating control
8.1 prevent multiple logins
Log Access
Use SUDO Use centralized
ID
Use AS/400 serversUse SUDO Log
Access
Use AS/400 servers
Thursday, 28 June, 12
Get Candidate SolutionsAssign
unique ID Use existing h/w
Compensating control
8.1 prevent multiple logins
Log Access
Use SUDO Use centralized
ID
Use AS/400 serversUse SUDO Log
Access
Use AS/400 servers
Thursday, 28 June, 12
Get Candidate SolutionsAssign
unique ID Use existing h/w
Compensating control
8.1 prevent multiple logins
Log Access
Use SUDO Use centralized
ID
Use AS/400 serversUse SUDO Log
Access
Use AS/400 servers
Use existing h/w
Thursday, 28 June, 12
Evaluation and implementation
• Implemented reasoner using graphical modeling tool and assumption-based truth maintenance.
• Tested tool on 340 requirement Payment Card case study.
• Find all solutions in ~600s.• Outperforms (outdated) MinWeightSat
reasoner.
Thursday, 28 June, 12
Visual editor
Domain specific lang.
Visual editorVisual editorVisual editorVisual editorVisual editorVisual editorVisual editor
Reasoner
RE-KOMBINE
Thursday, 28 June, 12
Visual editorReq. Mgmt. Tool
DSL editor
Visual editorVisual editorVisual editorVisual editorVisual editorVisual editorVisual editor
Reasoner
Thursday, 28 June, 12
SummaryProblem: support agile requirements while still enabling systematically modelling and analysis.Solution: paraconsistent models with reasoning backend.
Code and data available at http://github.com/neilernst/Techne-TMS
Neil Ernst: @neilernst • neilernst.netThursday, 28 June, 12