Abstract
Creating and maintaining secure software require a good understanding of the system and its environment. Knowledge management is therefore one of the key factors to maintain secure software successfully. However, acquiring and modeling knowledge is a labor-intensive and time-consuming task. Thus, knowledge ought to be shared among different projects and must be adapted to their specific needs. In this paper, we present an approach allowing the stepwise adaptation from domain- to project-specific knowledge based on OWL ontologies. For this purpose, we define a basic set of adaptation operators which allows effective and frugal changes. Moreover, we discuss how our approach can be integrated into common software process models in order to adapt knowledge required for maintenance. Since domain- and project-specific knowledge changes over time, we show how our approach copes with changes efficiently, so that the affected knowledge remains consistent. The shared use of knowledge significantly reduces the complexity and effort to model required knowledge in various projects. Our case study and tool implementation show the benefits for maintaining secure systems.
Funded by the DFG project SecVolution (JU 2734/2-1, SCHN 1072/4-1), part of the priority programme SPP 1593 “Design For Future - Managed Software Evolution”.
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Ruhroth, T., Gärtner, S., Bürger, J., Jürjens, J., Schneider, K. (2014). Towards Adaptation and Evolution of Domain-Specific Knowledge for Maintaining Secure Systems. In: Jedlitschka, A., Kuvaja, P., Kuhrmann, M., Männistö, T., Münch, J., Raatikainen, M. (eds) Product-Focused Software Process Improvement. PROFES 2014. Lecture Notes in Computer Science, vol 8892. Springer, Cham. https://doi.org/10.1007/978-3-319-13835-0_17
DOI: https://doi.org/10.1007/978-3-319-13835-0_17
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-13834-3
Online ISBN: 978-3-319-13835-0
eBook Packages: Computer Science, Computer Science (R0)