Finding Incremental Solutions for Evolving Requirements
1. Finding Incremental Solutions for Evolving Requirements
Neil Ernst, Alexander Borgida, Ivan Jureta
nernst@cs.ubc.ca - borgida@cs.rutgers.edu - ijureta@fundp.ac.be
2. The problem
• Changing requirements are costly and a major source of software errors.
• Requirements drift from implementation.
• Lack of tool support for requirements evolution.
• If we don't know what, or more importantly, why we are doing something, "how" we do it is inconsequential.
3. The solution
• Focus on the case of evolving requirements due to unanticipated change.
• Introduce a simple propositional formalism on a case study.
• Define solutions to requirements problems.
• Define the requirements evolution problem.
• Use a functional interface to determine what changes to make and why.
• Evaluate the performance of solution-finding.
4. Requirements problems: Goals, tasks, and assumptions
• Requirements describe stakeholder desires for the new system (e.g., “protect cardholder data”).
• These desired states we call goals.
• Goals are iteratively refined until operationalized by an implementation task.
• A goal model defines a space of alternative designs for satisfying goals, constrained by domain assumptions.
The requirements problem: given a set of goals, which tasks and assumptions satisfy those goals? [1]
[1] P. Zave and M. Jackson, “Four Dark Corners of Requirements Engineering,” TOSEM, vol. 6, pp. 1-30, 1997.
5. PCI Data Security Standard (PCI-DSS)
1. Build and Maintain a Secure Network
2. Protect Cardholder Data
3. Maintain a Vulnerability Management Program
4. Implement Strong Access Control Measures
5. Regularly Monitor and Test Networks
6. Maintain an Information Security Policy
6. PCI-DSS model
[Figure: goal model for the PCI-DSS case study. Nodes: Increase revenues; Accept payment; Avoid financial losses and penalties; Accept credit card; Accept cash; Use Verifone POS; Use Moneris POS; Be PCI compliant; Buy strongbox; Implement only one primary function per server; No money for new servers; Virtualize server instances; Use multiple servers.]
9. PCI-DSS model
[Figure: the goal model from slide 6, with the callout "Goal".]
10. PCI-DSS model
[Figure: the goal model from slide 6, with the callout "Refinement".]
11. PCI-DSS model
[Figure: the goal model from slide 6, with the callout "Task".]
12. PCI-DSS model
[Figure: the goal model from slide 6, with the callout "Domain assumption".]
13. PCI-DSS model
[Figure: the goal model from slide 6, with the callout "Alternatives".]
14. PCI-DSS model
[Figure: the goal model from slide 6, with the callout "Conflict".]
15. Formalizing the requirements problem
• D, S ⊢ G [1]
• A flavour of the Techne RE language.
Concepts
• Goals G
• Domain assumptions D
• Sets of implementation tasks S
Relations
• implication (Horn clause)
• conflict (A, B, A ⋀ B → ⊥)
[1] Jureta, Borgida, Ernst, Mylopoulos, “Techne: Towards a New Generation of Requirements Modeling Languages with Goals, Preferences, and Inconsistency Handling.” RE2010, 115-124.
16. The REKB
• Store requirements problem elements as logical sentences.
• i.e., goals, tasks, domain assumptions and relations
• Define a TELL/ASK interface for solving requirements problems.
• TELL: atoms, sentences.
• UNTELL: asserted atoms.
• ASK: solutions to requirements problem in REKB.
17. Standard ASK questions
1. Are goals achieved from tasks? (linear time complexity)
2. Find minimal sets of tasks that achieve goals (NP-hard complexity)
[Figure: example goal graph with nodes G, G1, G2 and tasks T1, T2, T3.]
21. Standard ASK questions
1. Are goals achieved from tasks? (linear time complexity)
2. Find minimal sets of tasks that achieve goals (NP-hard complexity)
[Figure: example goal graph with nodes G, G1, G2 and tasks T1, T2, T3.]
Smin = {T1, T3}, {T2, T3}
22. [Figure: the PCI-DSS goal model from slide 6, nodes unchanged.]
25. The requirements evolution problem
• Given an existing solution Si which satisfies D, Si ⊢ G, and
• modified entities (δ(G), δ(D), δ(S));
• Find Ŝ so that δ(D), Ŝ ⊢ δ(G), such that this satisfies some desired property π, relating Ŝ to Si.
26. [Figure: the PCI-DSS goal model from slide 6, nodes unchanged.]
27. [Figure: the same goal model, with the label "Si".]
28. [Figure: the same goal model with the label "Si" and an added node "Use Secure Hash on CC #".]
29. [Figure: as slide 28, with the callout "New Requirement".]
30. [Figure: as slide 29, without the label "Si".]
31. [Figure: as slide 30, with the label "Ŝ".]
32. Useful properties π
1. Minimal implementation effort.
2. Minimal change effort solutions.
3. Maximal familiarity solutions.
4. Solution reuse in family of solutions.
[Figure: the existing solution Si beside candidate solutions Sa, Sb and Sc, each drawn as a set of tasks labelled with letters from a to h.]
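An added example (not from the slides or the authors' REKB implementation) of the two standard ASK questions, the requirements evolution problem and the minimal-change-effort property π, run on the PCI-DSS case study. Node names follow the slides; the refinement edges, the conflict pair and the rule introduced by the new requirement are assumptions, and brute-force search stands in for the ATMS.

```python
from itertools import combinations

# Node names come from the slides. The refinement edges, the conflict pair and
# the effect of the new requirement are ASSUMED (the extracted figure lost its arrows).
RULES = [  # Horn clauses: (body, head)
    ({"accept_payment", "avoid_losses"}, "increase_revenues"),
    ({"accept_cash"}, "accept_payment"),
    ({"accept_credit_card"}, "accept_payment"),
    ({"buy_strongbox"}, "accept_cash"),
    ({"use_verifone_pos"}, "accept_credit_card"),
    ({"use_moneris_pos"}, "accept_credit_card"),
    ({"be_pci_compliant"}, "avoid_losses"),
    ({"one_function_per_server"}, "be_pci_compliant"),
    ({"virtualize_servers"}, "one_function_per_server"),
    ({"use_multiple_servers"}, "one_function_per_server"),
]
RULES_NEW = [r for r in RULES if r[1] != "be_pci_compliant"] + [  # evolved model
    ({"one_function_per_server", "secure_hash_cc"}, "be_pci_compliant")]
CONFLICTS = [{"no_money_for_servers", "use_multiple_servers"}]  # A and B -> bottom
DOMAIN = {"no_money_for_servers"}
TASKS = ["buy_strongbox", "use_verifone_pos", "use_moneris_pos",
         "virtualize_servers", "use_multiple_servers", "secure_hash_cc"]

def closure(facts, rules):
    """Forward-chain the Horn rules to a fixpoint (simple loop, not linear time)."""
    known = set(facts)
    while True:
        new = {head for body, head in rules if body <= known} - known
        if not new:
            return known
        known |= new

def achieves(tasks, rules, goals=frozenset({"increase_revenues"})):
    """ASK 1: D, S |- G, with no conflict derivable from D and S."""
    known = closure(set(tasks) | DOMAIN, rules)
    return goals <= known and not any(c <= known for c in CONFLICTS)

def minimal_solutions(rules):
    """ASK 2: subset-minimal task sets, by brute force (exponential in |TASKS|)."""
    found = []
    for k in range(len(TASKS) + 1):
        for cand in map(set, combinations(TASKS, k)):
            if achieves(cand, rules) and not any(s <= cand for s in found):
                found.append(cand)
    return found

def evolve(s_i, rules):
    """Pick S-hat with minimal change effort: fewest tasks added to or dropped from S_i."""
    return min(minimal_solutions(rules), key=lambda s: len(s ^ s_i))
```

With S_i = {use_moneris_pos, virtualize_servers}, `evolve(S_i, RULES_NEW)` keeps both existing tasks and adds only `secure_hash_cc`, while the alternatives that swap the payment terminal cost three changes.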
39. Implementing the REKB
• REKB is a functional description.
• Leverages an Assumption-based Truth Maintenance System [1] (ATMS).
• Incremental, minimal, conflict-tolerant.
• Other options: SAT solvers, SMT, PsB.
• Problem solver tracks implemented tasks, versions elements, retracts atoms.
[1] J. de Kleer, “An assumption-based TMS,” Artificial Intelligence, 28, 1986, pp. 127-162.
40. Evaluating the REKB
• Evaluate the REKB approach on
• the PCI-DSS
• random requirements models
[Figure: plot of Time (s) against # Nodes.]
41. Evaluating the REKB (2)
• Test incremental performance on three evolution scenarios (400 nodes)
[Figure: plot of Time (s) for the scenarios New task, High level and Conflict, comparing Naive add with Incremental add.]
42. Conclusions
• The REKB is a framework for managing goals, tasks, and domain assumptions.
• Find incremental solutions, and find optimal solutions.
• Solving requirements problems provides the “why” for maintenance activity.