The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
A task at the beginning of the software development process is the creation of a requirements specification. The requirements specification is usually created by a software engineering expert. We try to substitute this expert by a domain expert (the user) and formulate the problem of creating requirements specifications as a search-based software engineering problem. The domain expert provides only...
This paper focuses on improving requirements quality in agile projects by determining requirements prioritization. Current methods suggest to take into account business value in order to determine the requirements priority rank. In practice it was observed that many other factors enter into the equation, such as implementation cost and functionality dependencies. Since agile methods suggest that priority...
Understanding tradeoffs among stakeholder requirements regarding liveness (something good happens) and safety (nothing bad happens) is crucial for designing sociotechnical systems (STSs). Safety-focused specifications restrict agents' actions to avoid undesired executions. However, such restrictions hinder liveness. We formalize such tradeoffs using the elements of an STS specification to understand...
Requirements analysts can model regulated data practices to identify and reason about risks of non-compliance. If terminology is inconsistent or ambiguous, however, these models and their conclusions will be unreliable. To study this problem, we investigated an approach to automatically construct an information type ontology by identifying information type hyponymy in privacy policies using Tregex...
Over 50 papers present natural language processing tools for improving the quality of requirements. However, few of these are adopted by industry. Even worse, most of them are no longer publicly available or supported by their creators. The few available and actively maintained tools exhibit some outstanding features, but also include sub-optimal functionalities. In this paper, we compare the performance...
Decision-making requires the quantification and trade-off of multiple non-functional requirements (NFRs) and the analysis of costs and benefits between alternative solutions. Different techniques have been used to specify utility preferences for NFRs and decision-making strategies of self-adaptive systems (SAS). These preferences are defined during design-time. It is well known that correctly identifying...
The results of the requirements engineering process are predominantly documented in natural language requirements specifications. Besides the actual requirements, these documents contain additional content such as explanations, summaries, and figures. For the later use of requirements specifications, it is important to be able to differentiate between legally relevant requirements and other auxiliary...
Reviews for software products contain much information about the users' requirements and preferences, which can be very useful to the requirements engineer. However, taking advantage of this information is not easy due to the large and overwhelming number of reviews that is posted in various channels. Machine learning and opinion mining techniques have therefore been used to process the reviews automatically...
The world is witnessing exploding interests in big data and its analytics, which makes data a critical and relevant asset more than ever for today's organizations. However, without a proper understanding to security and privacy requirements, data might hardly be used to its full power. Data owners and users can be in risk in terms of information security and privacy when sharing their data and running...
In modern enterprises, incorrect or inconsistent security policies can lead to massive damage, e.g., through unintended data leakage. As policy authors have different skills and background knowledge, usable policy editors have to be tailored to the author's individual needs and to the corresponding application domain. However, the development of individual policy editors and the customization of existing...
The security community has established a number of knowledge sources, including security catalogues and controls, that capture security expertise and can support elicitation of security requirements. Providing additional guidance on how and when to leverage the security information available in the existing knowledge sources in the context of the given system can support security requirements engineering...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.