Đang chuẩn bị liên kết để tải về tài liệu:
Chương 9: Modeling What Could Go Wrong: Risk Analysis on Goal Models

Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ

Completeness is highly desirable for missioncritical goals, Obstacle analysis may help elicit relevant domain properties. | Building System Models for RE Chapter 9 Modeling What Could Go Wrong: Risk Analysis on Goal Models Building models for RE Chap.8: Goals Chap.9: Risks Chap.10: Conceptual objects Chap.11: Agents on what? why ? how ? who ? Risk analysis as seen in Chapter 3 Risk = uncertain factor whose occurrence may result in loss of satisfaction of corresponding objective has likelihood & consequences (each having likelihood, severity) Poor risk management is a major cause of software failure Early risk analysis at RE time: checklists, component inspection, risk trees qualitative, quantitative explore countermeasures (tactics), select best as new reqs Risk analysis can be anchored on goal models Risk analysis on goal models: outline Goal obstruction by obstacles What are obstacles? Completeness of a set of obstacles Obstacle categories Modeling obstacles Obstacle diagrams Obstacle refinement Bottom-up propagation of obstructions in goal AND-refinements Annotating obstacle diagrams Obstacle analysis for a more robust goal model Identifying obstacles Evaluating obstacles Resolving obstacles in a modified goal model What are obstacles ? Motivation: goals in refinement graph are often too ideal, likely to be violated under abnormal conditions (unintentional or intentional agent behaviors) Obstacle = condition on system for violation of corresponding assertion (generally a goal) {O, Dom } |= not G obstruction {O, Dom } | false domain consistency O can be satisfied by some system behavior feasibility e.g. G: TrainStoppedAtBlockSignal If StopSignal Dom: If TrainStopsAtStopSignal then DriverResponsive O: DriverUnresponsive For behavioral goal: existential property capturing unadmissible behavior (negative scenario) Completeness of a set of obstacles Ideally, a set of obstacles to G should be complete {not O1,., not On, Dom } |= G domain completeness e.g. If not DriverUnresponsive and not BrakeSystemDown and StopSignal then TrainStoppedAtBlockSignal Completeness is highly desirable for | Building System Models for RE Chapter 9 Modeling What Could Go Wrong: Risk Analysis on Goal Models Building models for RE Chap.8: Goals Chap.9: Risks Chap.10: Conceptual objects Chap.11: Agents on what? why ? how ? who ? Risk analysis as seen in Chapter 3 Risk = uncertain factor whose occurrence may result in loss of satisfaction of corresponding objective has likelihood & consequences (each having likelihood, severity) Poor risk management is a major cause of software failure Early risk analysis at RE time: checklists, component inspection, risk trees qualitative, quantitative explore countermeasures (tactics), select best as new reqs Risk analysis can be anchored on goal models Risk analysis on goal models: outline Goal obstruction by obstacles What are obstacles? Completeness of a set of obstacles Obstacle categories Modeling obstacles Obstacle diagrams Obstacle refinement Bottom-up propagation of obstructions in goal AND-refinements Annotating obstacle diagrams Obstacle analysis .