Requirements Engineering, Volume 9, Issue 2, pp 132–150

Specifying and analyzing early requirements in Tropos

  • Ariel Fuxman
  • Lin Liu
  • John Mylopoulos
  • Marco Pistore
  • Marco Roveri
  • Paolo Traverso
Original Article

Abstract

We present a framework that supports the formal verification of early requirements specifications. The framework is based on Formal Tropos, a specification language that adopts primitive concepts for modeling early requirements (such as actor, goal, and strategic dependency), along with a rich temporal specification language. We show how existing formal analysis techniques, and in particular model checking, can be adapted for the automatic verification of Formal Tropos specifications. These techniques have been implemented in a tool, called the T-Tool, that maps Formal Tropos specifications into a language that can be handled by the NuSMV model checker. Finally, we evaluate our methodology on a course-exam management case study. Our experiments show that formal analysis reveals gaps and inconsistencies in early requirements specifications that are by no means trivial to discover without the help of formal analysis tools.

Keywords

Early requirements specifications, Formal methods, Model checking


Copyright information

© Springer-Verlag London Limited 2004

Authors and Affiliations

  • Ariel Fuxman (1)
  • Lin Liu (1)
  • John Mylopoulos (1)
  • Marco Pistore (2)
  • Marco Roveri (3)
  • Paolo Traverso (3)

  1. Department of Computer Science, University of Toronto, Toronto, Canada
  2. Department of Information and Communication Technology, University of Trento, Trento, Italy
  3. ITC-irst, Trento, Italy
