Advertisement

Towards Adaptation and Evolution of Domain-Specific Knowledge for Maintaining Secure Systems

  • Thomas Ruhroth
  • Stefan Gärtner
  • Jens Bürger
  • Jan Jürjens
  • Kurt Schneider
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8892)

Abstract

Creating and maintaining secure software require a good understanding of the system and its environment. Knowledge management is therefore one of the key factors to maintain secure software successfully. However, acquiring and modeling knowledge is a labor-intensive and time-consuming task. Thus, knowledge ought to be shared among different projects and must be adapted to their specific needs. In this paper, we present an approach allowing the stepwise adaptation from domain- to project-specific knowledge based on OWL ontologies. For this purpose, we define a basic set of adaptation operators which allows effective and frugal changes. Moreover, we discuss how our approach can be integrated into common software process models in order to adapt knowledge required for maintenance. Since domain- and project-specific knowledge changes over time, we show how our approach copes with changes efficiently, so that the affected knowledge remains consistent. The shared use of knowledge significantly reduces the complexity and effort to model required knowledge in various projects. Our case study and tool implementation shows the benefits for maintaining secure systems.

Keywords

ontology adaptation domain-specific adaptation maintaining secure systems (co-)evolution 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    British Parliament: Data Protection Act (1998)Google Scholar
  2. 2.
    Bundesministerium des Inneren: Bundesdatenschutzgesetz. BundesgesetzblattGoogle Scholar
  3. 3.
    Bürger, J., Jürjens, J., Ruhroth, T., Gärtner, S., Schneider, K.: Model-based security engineering: Managed co-evolution of security knowledge and software models. In: Aldini, A., Lopez, J., Martinelli, F. (eds.) FOSAD VII. LNCS, vol. 8604, pp. 34–53. Springer, Heidelberg (2014)CrossRefGoogle Scholar
  4. 4.
    Calvanese, D., De Giacomo, G., Lenzerini, M.: A Framework for Ontology Integration. In: The Emerging Semantic Web. IOS Press (2002)Google Scholar
  5. 5.
    EU Parliament: Directive 95/46/EC of the european parliament and of the council of 24 october 1995. Official Journal of the European Union L 281, 0031–0050 (1995)Google Scholar
  6. 6.
    Gärtner, S., Ruhroth, T., Bürger, J., Schneider, K., Jürjens, J.: Maintaining Requirements for Long-Living Software Systems by Incorporating Security Knowledge. In: 22nd IEEE International Requirements Engineering Conference, pp. 103–112. IEEE (2014)Google Scholar
  7. 7.
    Grubb, P., Takang, A.: Software Maintenance: Concepts and Practice. World Scientific (2003)Google Scholar
  8. 8.
    Haase, P., Stojanovic, L.: Consistent evolution of OWL ontologies. In: Gómez-Pérez, A., Euzenat, J. (eds.) ESWC 2005. LNCS, vol. 3532, pp. 182–197. Springer, Heidelberg (2005)Google Scholar
  9. 9.
    Happel, H., Seedorf, S.: Applications of ontologies in software engineering. In: Proc. of Workshop on Sematic Web Enabled Software Engineering (SWESE) (2006)Google Scholar
  10. 10.
    Heflin, J., Hendler, J., Luke, S.: Coping with changing ontologies in a distributed environment. In: AAAI 1999 Workshop on Ontology Management (1999)Google Scholar
  11. 11.
    Herold, S., et al.: CoCoME - The common component modeling example. In: Rausch, A., Reussner, R., Mirandola, R., Plášil, F. (eds.) The Common Component Modeling Example. LNCS, vol. 5153, pp. 16–53. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  12. 12.
    Javed, M.: Operational Change Management and Change Pattern Identification for Ontology Evolution. PhD thesis, Dublin City University (May 2013)Google Scholar
  13. 13.
    Javed, M., Abgaz, Y.M., Pahl, C.: Ontology change management and identification of change patterns. J. Data Semantics 2(2-3), 119–143 (2013)CrossRefGoogle Scholar
  14. 14.
    Jürjens, J.: Secure Systems Development with UML. Springer (2005)Google Scholar
  15. 15.
    Jürjens, J., Wimmel, G.: Security modelling for electronic commerce: The Common Electronic Purse Specifications. In: Schmid, B., Stanoevska-Slabeva, K., Tschammer, V. (eds.) Towards the E-Society. IFIP, vol. 74, pp. 489–506. Springer, Boston (2001)CrossRefGoogle Scholar
  16. 16.
    Klein, M., Fensel, D.: Ontology versioning on the Semantic Web. In: SWWS, pp. 75–91 (2001)Google Scholar
  17. 17.
    Meyer, S., Averbakh, A., Ronneberger, T., Schneider, K.: Experiences from Establishing Knowledge Management in a Joint Research Project. In: Dieste, O., Jedlitschka, A., Juristo, N. (eds.) PROFES 2012. LNCS, vol. 7343, pp. 233–247. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  18. 18.
    Münch, J., Armbrust, O., Kowalczyk, M., Soto, M.: Software Process Definition and Management. Springer (2012)Google Scholar
  19. 19.
    Noy, N.F., Kunnatur, S., Klein, M., Musen, M.A.: Tracking changes during ontology evolution. In: McIlraith, S.A., Plexousakis, D., van Harmelen, F. (eds.) ISWC 2004. LNCS, vol. 3298, pp. 259–273. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  20. 20.
    Noy, N.F., Chugh, A., Liu, W., Musen, M.A.: A framework for ontology evolution in collaborative environments. In: Cruz, I., Decker, S., Allemang, D., Preist, C., Schwabe, D., Mika, P., Uschold, M., Aroyo, L.M. (eds.) ISWC 2006. LNCS, vol. 4273, pp. 544–558. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  21. 21.
    Pinto, H.S., Martins, J.P.: A methodology for ontology integration. In: Proc. of K-CAP, pp. 131–138. ACM (2001)Google Scholar
  22. 22.
    Ruhroth, T., Gärtner, S., Bürger, J., Jürjens, J., Schneider, K.: Versioning and evolution requirements for model-based system development. In: International Workshop on Comparison and Versioning of Software Models (CVSM) (2014)Google Scholar
  23. 23.
    Ruhroth, T., Wehrheim, H.: Refinement-preserving co-evolution. In: Breitman, K., Cavalcanti, A. (eds.) ICFEM 2009. LNCS, vol. 5885, pp. 620–638. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  24. 24.
    Ruhroth, T., Wehrheim, H.: Model evolution and refinement. Science of Computer Programming 77(3), 270–289 (2012)CrossRefzbMATHGoogle Scholar
  25. 25.
    Stanford Center for Biomedical Informatics Research (BMIR): Protege - homepage, http://protege.stanford.edu
  26. 26.
    Stojanovic, L.: Methods and tools for ontology evolution. PhD thesis, Karlsruhe Institute of Technology (2004)Google Scholar
  27. 27.
    Stojanovic, L., Maedche, A., Motik, B., Stojanovic, N.: User-driven ontology evolution management. In: Gómez-Pérez, A., Benjamins, V.R. (eds.) EKAW 2002. LNCS (LNAI), vol. 2473, pp. 285–300. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  28. 28.
    Tiwana, A.: An empirical study of the effect of knowledge integration on software development performance. Information and Software Technology 46(13), 899–906 (2004)CrossRefGoogle Scholar
  29. 29.
    Udrea, O., Getoor, L., Miller, R.J.: Leveraging data and structure in ontology integration. In: Proc. of SIGMOD, pp. 449–460. ACM (2007)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Thomas Ruhroth
    • 1
  • Stefan Gärtner
    • 2
  • Jens Bürger
    • 1
  • Jan Jürjens
    • 3
  • Kurt Schneider
    • 2
  1. 1.TU DortmundGermany
  2. 2.Leibniz Universität HannoverGermany
  3. 3.TU Dortmund and Fraunhofer ISSTGermany

Personalised recommendations