Đang chuẩn bị liên kết để tải về tài liệu:
Chương 9: Modeling What Could Go Wrong: Risk Analysis on Goal Models
Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ
Tải xuống
Completeness is highly desirable for missioncritical goals, Obstacle analysis may help elicit relevant domain properties. | Building System Models for RE Chapter 9 Modeling What Could Go Wrong: Risk Analysis on Goal Models Building models for RE Chap.8: Goals Chap.9: Risks Chap.10: Conceptual objects Chap.11: Agents on what? why ? how ? who ? Risk analysis as seen in Chapter 3 Risk = uncertain factor whose occurrence may result in loss of satisfaction of corresponding objective has likelihood & consequences (each having likelihood, severity) Poor risk management is a major cause of software failure Early risk analysis at RE time: checklists, component inspection, risk trees qualitative, quantitative explore countermeasures (tactics), select best as new reqs Risk analysis can be anchored on goal models Risk analysis on goal models: outline Goal obstruction by obstacles What are obstacles? Completeness of a set of obstacles Obstacle categories Modeling obstacles Obstacle diagrams Obstacle refinement Bottom-up propagation of obstructions in goal AND-refinements Annotating obstacle diagrams Obstacle analysis for a more robust goal model Identifying obstacles Evaluating obstacles Resolving obstacles in a modified goal model What are obstacles ? Motivation: goals in refinement graph are often too ideal, likely to be violated under abnormal conditions (unintentional or intentional agent behaviors) Obstacle = condition on system for violation of corresponding assertion (generally a goal) {O, Dom } |= not G obstruction {O, Dom } | false domain consistency O can be satisfied by some system behavior feasibility e.g. G: TrainStoppedAtBlockSignal If StopSignal Dom: If TrainStopsAtStopSignal then DriverResponsive O: DriverUnresponsive For behavioral goal: existential property capturing unadmissible behavior (negative scenario) Completeness of a set of obstacles Ideally, a set of obstacles to G should be complete {not O1,., not On, Dom } |= G domain completeness e.g. If not DriverUnresponsive and not BrakeSystemDown and StopSignal then TrainStoppedAtBlockSignal Completeness is highly desirable for | Building System Models for RE Chapter 9 Modeling What Could Go Wrong: Risk Analysis on Goal Models Building models for RE Chap.8: Goals Chap.9: Risks Chap.10: Conceptual objects Chap.11: Agents on what? why ? how ? who ? Risk analysis as seen in Chapter 3 Risk = uncertain factor whose occurrence may result in loss of satisfaction of corresponding objective has likelihood & consequences (each having likelihood, severity) Poor risk management is a major cause of software failure Early risk analysis at RE time: checklists, component inspection, risk trees qualitative, quantitative explore countermeasures (tactics), select best as new reqs Risk analysis can be anchored on goal models Risk analysis on goal models: outline Goal obstruction by obstacles What are obstacles? Completeness of a set of obstacles Obstacle categories Modeling obstacles Obstacle diagrams Obstacle refinement Bottom-up propagation of obstructions in goal AND-refinements Annotating obstacle diagrams Obstacle analysis .