Corpus ID: 16138297

Quality Misuse

@inproceedings{Herrmann2005QualityM,
  title={Quality Misuse},
  author={Andrea Herrmann and Barbara Paech},
  year={2005}
}
There are several methods for the derivation and analysis of detailed non-functional requirements. They often are designed for a special application, like misuse cases for top-down derivation of requirements detailing the quality attribute “security”, or ATAM for evaluating given architectural alternatives. In this work, we apply misuse cases to any other quality attribute (e.g. usability, efficiency) to develop a misuse-based method for deriving detailed nonfunctional and functional… Expand

Figures from this paper

Using Requirements Engineering in an Automatic Security Policy Derivation Process
TLDR
The idea of this paper is to automate the process of deriving the formal security policy, using a more structured specification of the security objectives issued by the administrator of the information system to be secured, using the goal-oriented methodology KAOS. Expand
MOQARE: misuse-oriented quality requirements engineering
TLDR
MOQARE provides a general conceptual model of quality requirements, and a checklist-based process for deriving them in a top-down fashion, which starts from business goals and vague quality requirements and delivers detailed requirements. Expand
A Survey of Non-Functional Requirements in Software Development Process
TLDR
The NFR concepts are reviewed, how they are related to the overall software development process and new areas of further work are identified. Expand
Project proposal for FRITEK , 2007 : ReqSec : Requirements for Secure Information Systems
The project will develop and evaluate methodology and tool support for security requirements engineering, integrated with mainstream software development methods. The main features of theExpand
A Comparative Evaluation of Three Approaches to Specifying Security Requirements
TLDR
A comparative evaluation of three approaches to incorporating security specification into the requirements phase: The Common Criteria, Misuse Cases, and Attack Trees found that each approach has strengths and weaknesses, and that they can be complimentary when combined. Expand
Publication of the Association of Management A PROPOSITION OF A SET OF DESIGN PRINCIPLES FOR REQUIREMENT PRIORITIZATION ARTIFACTS
Prioritization of requirements towards finalizing the intended requirement set has considerable received attention from academicians and practitioners. Articles proposing requirement prioritizationExpand
Desiree - a Refinement Calculus for Requirements Engineering
TLDR
The results of the evaluations show that the ontology, language, and method of Desiree are adequate in capturing requirements in practice, and offer strong evidence that with sufficient training, the framework indeed helps people conduct more effective requirements engineering. Expand
Introducing the Common Non-Functional Ontology
TLDR
A common NFA ontology is proposed, which generalizes and integrates the different non-functional aspects under a common top-level ontology, and a series of specialized ontologies on specific non- functional aspects, such as trust, risk, privacy, threat and misuse are introduced. Expand
Alignment of Software Specifications with Quality- and Business Goals in the SIKOSA Methodology
TLDR
These aspects of the SIKOSA methodology, which especially align specification decisions to quality goals and indirectly to business goals, are presented. Expand
Model-Driven Service Level Management
TLDR
The main goals are to propose a model-based approach to IT services SLA specification and compliance verification and to proposing a SLA language - a domain specific language for defining quality attributes as non functional requirements (NFRs) in the context of ITSM. Expand
...
1
2
...

References

SHOWING 1-10 OF 15 REFERENCES
Templates for Misuse Case Description
TLDR
This paper discusses security related misuse cases through a discussion of templates for their textual description and introduces the concept of misuse cases – inverted use cases to denote functions that should not be possible to perform in a system. Expand
Eliciting security requirements with misuse cases
TLDR
This paper presents a systematic approach to eliciting security requirements based on use cases, with emphasis on description and method guidelines, and is potentially useful for several other types of extra-functional requirements beyond security. Expand
Security Use Cases
TLDR
This column provides examples and guidelines for properly specifying essential (i.e., requirements-level) security use cases for engineering security requirements. Expand
Analyzing and Specifying Reusable Security Requirements
Abstract : A system cannot have high assurance if it has poor security, and thus, requirements for high assurance systems will logically include security requirements as well as availability,Expand
ATAM: Method for Architecture Evaluation
TLDR
The Architecture Tradeoff Analysis Method (ATAM), a technique for analyzing software architectures that has been developed and refined in practice over the past three years, is presented. Expand
From system goals to intruder anti-goals: attack generation and resolution for security requirements engineering
Caring for security at requirements engineering time is a message that has finally received some attention recently. However, it is not yet very clear how to achieve this systematically through theExpand
Scenario-based Analysis of Non-Functional Requirements
TLDR
The role scenarios could play in addressing non-functional requirements and a method for scenario generation and analysis for the purpose is proposed. Expand
Inferring Declarative Requirements Specifications from Operational Scenarios
TLDR
The benefits of inferring declarative specifications of goals from operational scenarios are demonstrated by examples of formal analysis at the goal level, including conflict analysis, obstacle analysis, the inference of higher level goals, and the derivation of alternative scenarios that better achieve the underlying goals. Expand
Initial industrial experience of misuse cases in trade-off analysis
  • I. Alexander
  • Computer Science
  • Proceedings IEEE Joint International Conference on Requirements Engineering
  • 2002
TLDR
Experience in a railway trade-off study led to the devising of a set of relationships suited to trade-offs analysis: 'threatens', 'mitigates', 'aggravates', and 'conflicts with', as well as the more general 'includes'. Expand
Misuse Cases: Use Cases with Hostile Intent
TLDR
The elicitation of safety requirements from failure cases is discussed and the interplay of design, functional, and nonfunctional requirements is considered. Expand
...
1
2
...