Domain analysis requirements elicitation outline u Identifying stakeholders
- Slides: 68
Domain analysis & requirements elicitation: outline u Identifying stakeholders & interacting with them u Artifact-driven elicitation techniques – – – u Background study Data collection, questionnaires Repertory grids, card sorts for concept acquisition Scenarios, storyboards for problem world exploration Prototypes, mock-ups for early feedback Knowledge reuse: domain-independent, domain-specific Stakeholder-driven elicitation techniques – Interviews – Observation and ethnographic studies – Group sessions www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 1
Interviews u Primary technique for knowledge elicitation 1. Select stakeholder specifically for info to be acquired (domain expert, manager, salesperson, end-user, consultant, . . . ) 2. Organize meeting with interviewee, ask questions, record answers 3. Write report from interview transcripts 4. Submit report to interviewee for validation & refinement u Single interview may involve multiple stakeholders J saves times L weaker contact; individuals less involved, speak less freely u Interview effectiveness: effectiveness (utility x coverage of acquired info) / acquisition time www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 2
Types of interviews u Structured interview: predetermined set of questions – specific to purpose of interview – some open-ended, others with pre-determined answer set => more focused discussion, no rambling among topics u Unstructured interview: no predetermined set of questions – free discussion about system-as-is, perceived problems, proposed solutions => exploration of possibly overlooked issues => Effective interviews should mix both modes. . . – start with structured parts – shift to unstructured parts as felt necessary www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 3
Interviews: strengths & difficulties J May reveal info not acquired through other techniques – how things are running really, personal complaints, suggestions for improvement, . . . J On-the-fly acquisition of info appearing relevant – new questions triggered from previous answers L Acquired info might be subjective (hard to assess) L Potential inconsistencies between different interviewees L Effectiveness critically relies on interviewer’s attitude, appropriateness of questions => Interviewing guidelines www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 4
Guidelines for effective interviews u u Identify the right interviewee sample for full coverage of issues – different responsibilities, expertise, tasks, exposure to problems Come prepared, to focus on right issue at right time – background study first – pre-design a sequence of questions for this interviewee u Centre the interview on the interviewee’s work & concerns u Keep control over the interview u Make the interviewee feel comfortable – Start: break ice, provide motivation, ask easy questions – Consider the person too, not only the role – Do always appear as a trustworthy partner www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 5
Guidelines for effective interviews (2) u Be focused, keep open-ended questions for the end u Be open-minded, flexible in case of unexpected answers u Ask why-questions without being offending u Avoid certain types of questions. . . – opinionated or biased – affirmative – obvious or impossible answer for this interviewee u Edit & structure interview transcripts while still fresh in mind – including personal reactions, attitudes, etc u Keep interviewee in the loop – co-review interview transcript for validation & refinement Model-driven interviews may help structure them (see Part 2 of the book) www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 6
Observation & ethnographic studies u u Focus on task elicitation in the system-as-is Understanding a task is often easier by observing people performing it (rather than verbal or textual explanation) – cf. tying shoelaces u Passive observation: no interference with task performers – Watch from outside, record (notes, video), edit transcripts, interpret – Protocol analysis: analysis task performers concurrently explain it – Ethnographic studies: studies over long periods of time, try to discover emergent properties of social group involved about task performance + attitudes, reactions, gestures, . . . u Active observation: you get involved in the task, even become a team member www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 7
Observation & ethnographic studies: pros & cons J May reveal. . . – tacit knowledge that would not emerge otherwise e. g. ethnographic study of air traffic control => implicit mental model of air traffic to be preserved in system-to-be – hidden problems through tricky ways of doing things – culture-specific aspects to be taken into account J Contextualization of acquired info L Slow & expensive: to be done over long periods of time, at different times, under different workload conditions L Potentially inaccurate (people behave differently when observed) L Data mining problem, interpretation problem L Focus on system-as-is Some of the interviewing guidelines are relevant www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 8
Group sessions u u u More perception, judgment, invention from interactions within group of diverse people Elicitation takes place in series of group workshops (a few days each) + follow-up actions audiovisuals, wall charts to foster discussion, record outcome Structured group sessions: – Each participant has a clearly defined role (leader, moderator, manager, user, developer, . . . ) – Contributes to req elaboration according to his/her role, towards reaching synergies – Generally focused on high-level reqs – Variants: focus groups, JAD, QFD, . . . www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 9
Group sessions u (2) Unstructured group sessions (brainstorming): – Participants have a less clearly defined role – Two separate stages. . . 1. Idea generation to address a problem: as many ideas as possible from each participant without censorship/criticism 2. Idea evaluation: evaluation by all participants together according to agreed criteria (e. g. value, cost, feasibility) to prioritize ideas www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 10
Group sessions: pros & cons J Less formal interactions than interviews => may reveal hidden aspects of the system (as-is or to-be) J Potentially. . . – wider exploration of issues & ideas – more inventive ways of addressing problems J Synergies => agreed conflict resolutions L Group composition is critical. . . – time consuming for key, busy people – heavily relying on leader expertise & skills – group dynamics, dominant persons => biases, inadequacies L Risk of. . . – missing focus & structure => rambling discussions, little concrete outcome, waste of time – superficial coverage of more technical issues www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 11
Combining techniques u u Elicitation techniques have complementary strengths & limitations Strength-based combinations are more effective for full, adequate coverage – artifact-driven + stakeholder-driven u Examples – Contextual Inquiry: Inquiry workplace observation + open-ended interviews + prototyping – RAD: RAD JAD group sessions + evolutionary prototyping (with code generation tools) u Techniques from other RE phases support elicitation too – Resolution of conflicts, risks, omissions, etc. www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 12
Domain analysis & requirements elicitation: summary u u Identifying the right stakeholders, interacting the right way Artifact-driven elicitation techniques – – – u Background study as a prerequisite Data collection, questionnaires for preparing interviews Repertory grids, card sorts for concept characterization Scenarios, storyboards for concrete exploration Prototypes, mock-ups for early feedback & adequacy check Knowledge reuse brings a lot: domain-independent, domain-specific Stakeholder-driven elicitation techniques – Interviews are essential - structured, unstructured, cf. guidelines – Observation, ethnographic studies for hidden knowledge – Group sessions for broader, more inventive acquisition & agreement Model-driven elicitation provides focus & structure for what needs to be elicited (see Part 2 of the book) www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 13
www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 14
Requirements Engineering From System Goals to UML Models to Software Specifications Axel Van Lamsweerde www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 15
Fundamentals of RE Chapter 3 Requirements Evaluation www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 16
Chap. 1: RE products and processes alternative options Chap. 2: Elicitation techniques consolidated requirements Chap. 3: Evaluation techniques start agreed requirements documented requirements www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 17
Negotiation-based decision making: as introduced in Chapter 1. . . u u Identification & resolution of inconsistencies – conflicting stakeholder viewpoints, non-functional reqs, . . . – to reach agreement Identification, assessment & resolution of system risks – critical objectives not met, e. g. safety hazards, security threats, development risks, . . . – to get new reqs for more robust system-to-be Comparison of alternative options, options selection of preferred ones – different ways of: meeting same objective, assigning responsibilities, resolving conflicts & risks Requirements prioritization – to resolve conflicts, address cost/schedule constraints, support incremental development www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 18
Requirements evaluation: outline u Inconsistency management – Types of inconsistency – Handling inconsistencies – Managing conflicts: a systematic process u Risk analysis – – Types of risk Risk management Risk documentation DDP: quantitative risk management for RE u Evaluating alternative options for decision making u Requirements prioritization www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 19
Inconsistency management u Inconsistency = violation of consistency rule among items u Inconsistencies are highly frequent in RE – inter-viewpoints: inter-viewpoints each stakeholder has its own focus & concerns (e. g. domain experts vs. marketing dept) – intra-viewpoint: intra-viewpoint conflicting quality reqs (e. g. security vs. usability) u Inconsistencies must be detected and resolved. . . – not too soon: to allow further elicitation within viewpoint – not too late: to allow software development (anything may be developed from inconsistent specs) www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 20
Types of inconsistency in RE u Terminology clash: clash same concept named differently in different statements e. g. library management: “borrower” vs. “patron” u Designation clash: clash same name for different concepts in different statements e. g. “user” for “library user” vs. “library software user” u Structure clash: clash same concept structured differently in different statements e. g. “latest return date” as time point (e. g. Fri 5 pm) vs. time interval (e. g. Friday) www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 21
Types of inconsistency in RE u (2) Strong conflict: conflict statements not satisfiable together – i. e. logically inconsistent: S, not S e. g. “participant constraints may not be disclosed to anyone else” vs. “the meeting initiator should know participant constraints” u Weak conflict (divergence): statements not satisfiable together under some boundary condition – i. e. strongly conflicting if B holds: potential conflict – MUCH more frequent in RE e. g. (staff’s viewpoint) “patrons shall return borrowed copies within X weeks” vs. (patron’s viewpoint) “patrons shall keep borrowed copies as long as needed” B: “a patron needing a borrowed copy more than X weeks” www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 22
Handling inconsistencies u Handling clashes in terminology, designation, structure: through agreed glossary of terms to stick to – For some terms, if needed: accepted synonym(s) – To be built during elicitation phase u Weak, strong conflicts: more difficult, deeper causes. . . – Often rooted in underlying personal objectives of stakeholders => to be handled at root level and propagated to requirements level – Inherent to some non-functional concerns (performance vs. safety, confidentiality vs. awareness, . . . ) => exploration of preferred tradeoffs – Example: spiral, negotiation-based reconciliation of win conditions [Boehm et al, 1995] www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 23
Managing conflicts: a systematic process u Overlap = reference to common terms or phenomena – precondition for conflicting statements – e. g. gathering meeting constraints, determining schedules u Conflict detection. . . (see Chapters 16, 18) – informally – using heuristics on conflicting req categories “Check information req & confidentiality req on related objects” “Check reqs on decreasing & increasing related quantities” – using conflict patterns – formally (theorem proving techniques) www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 24
Detected conflicts should be documented u For later resolution, for impact analysis ? statement in multiple conflicts, most conflicting statements, . . . ? u u Using documentation tools, query tools along Conflict links recorded in requirements database Or in interaction matrix: matrix Statement Sij = S 1 S 2 S 3 S 4 Total S 1 0 1000 1 1 1002 1: conflict S 2 1000 0: no overlap S 3 1 0 0 1 2 S 4 1 0 2 Total 1002 1000 2 2 2006 1000: no conflict #Conflicts(S 1) = remainder. Of (1002 div 1000) #non. Conflicting. Overlaps(S 1) = quotient. Of (1002 div 1000) www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 25
Managing conflicts: a systematic process u (2) For optimal resolution, better to. . . – explore multiple candidate resolutions first, – compare, select/agree on most preferred next u To generate candidate resolutions, use. . . – elicitation techniques (interviews, group sessions) – resolution tactics www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 26
Conflict resolution tactics u Avoid boundary condition e. g. “Keep copies of highly needed books unborrowable” u Restore conflicting statements e. g. “Copy returned within X weeks and then borrowed again” u Weaken conflicting statements e. g. “Copy returned within X weeks unless explicit permission” u Drop lower-priority statements u Specialize conflict source or target e. g. “Book loan status known by staff users only” Transform conflicting statements or involved objects, or introduce new requirements www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 27
Managing conflicts: a systematic process u (3) Evaluation criteria for preferred resolution: – contribution to critical non-functional requirements – contribution to resolution of other conflicts & risks u See. . . – Sect. 3. 3 in this chapter (“Evaluating alternative options”) – Chapters 16, 18 www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 28
Requirements evaluation: outline u Inconsistency management – Types of inconsistency – Handling inconsistencies – Managing conflicts: a systematic process u Risk analysis – Types of risk – – – Risk management Risk documentation DDP: quantitative risk management for RE u Evaluating alternative options for decision making u Requirements prioritization www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 29
What is a risk ? u Uncertain factor whose occurrence may result in loss of satisfaction of a corresponding objective e. g. a passenger forcing doors opening while train moving a meeting participant not checking email regularly u A risk has. . . – a likelihood of occurrence, – one or more undesirable consequences e. g. passengers falling out of train moving with doors open u Each risk consequence has. . . – a likelihood of occurrence if the risk occurs (not to be confused with risk likelihood) – a severity: severity degree of loss of satisfaction of objective www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 30
Types of RE risk u Product-related risks: negative impact on functional or nonfunctional objectives of the system => failure to deliver services or quality of service e. g. security threats, safety hazards u Process-related risks: negative impact on development objectives => delayed delivery, cost overruns, . . . e. g. personnel turnover www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 31
RE risk management what system-specific risks? u u likely? severe, likely consequences? countermeasures as new reqs Risk management is iterative – countermeasures may introduce new risks Poor risk management is a major cause of software failure – natural inclination to conceive over-ideal systems (nothing can go wrong) – unrecognized, underestimated risks => incomplete, inadequate reqs www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 32
Risk identification: risk checklists u Instantiation of risk categories to project specifics – associated with corresponding req categories u (cf. Chap. 1) Product-related risks: req unsatisfaction in functional or quality req categories – info inaccuracy, unavailability, unusability, poor response time, poor peak throughput, . . . e. g. ? inaccurate estimates of train speed, positions ? u Process-related risks: top 10 risks [Boehm, 1989] – req volatility, personnel shortfalls, dependencies on external sources, unrealistic schedules/budgets, . . . – poor risk management e. g. ? unexperienced developer team for train system ? www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 33
Risk identification: component inspection u u For product-related risks Review each component of the system-to-be: human, device, software component. . . – can it fail? – how? – why? – what are possible consequences? e. g. on-board train controller, station computer, tracking system, communication infrastructure, . . . u Finer-grained components => more accurate analysis e. g. acceleration controller, doors controller, track sensors, . . . www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 34
Risk identification: risk trees u Tree organization for causal linking of failures, causes, consequences – similar to fault trees in safety, threat trees in security u u Failure node = independent failure event or condition – decomposable into finer-grained nodes AND/OR links: links causal links through logical nodes. . . – AND-node: AND-node child nodes must all occur for parent node to occur as consequence – OR-node: OR-node only one child node needs to occur www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 35
Risk tree: example www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 36
Building risk trees: heuristic identification of failure nodes u Checklists, component failure u Guidewords = keyword-based patterns of failure – NO: “something is missing” – MORE: “there are more things than expected” – LESS: “there are fewer things than expected” – BEFORE: “something occurs earlier than expected” – AFTER: “something occurs later than expected” u But. . . problems frequently due to combinations of basic failure events/conditions. . . www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 37
Analyzing failure combinations: cut set of a risk tree u Cut set of risk tree RT: set of minimal AND-combinations of RT’s leaf nodes sufficient for causing RT’s root node – Cut-set tree of RT: set of its leaf nodes = RT’s cut set u Derivation of cut-set tree CST of RT: – CST’s top node : = RT’s top logical node – If current CST node is OR-node: OR expand it with RT’s corresponding alternative child nodes If current CST node is AND-node: AND expand it in single aggregation of RT’s conjoined child nodes – Termination when CST’s child nodes are all aggregations of leaf nodes from RT www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 38
Cut-set tree derivation: example Cut set = {{TM, WR}, {TM, WA}, {TM, WS}, {TM, WI}, {TM, DAF}, {TM, SF}, {TM, PFDO}} all combinations of bad circumstances for root risk to occur www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 39
Risk identification: using elicitation techniques u Scenarios to point out failures from WHAT IF questions – interactions not occurring – interactions occurring too late – unexpected interactions (e. g. under wrong conditions), . . . u u Knowledge reuse: reuse typical risks from similar systems Group sessions focussed on identification of project-specific risks www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 40
Risk assessment u u Goal: Goal assess likelihood of risks + severity, likelihood of consequences, to control high-priority risks Qualitative assessment: use qualitative estimates (levels) – for likelihood: likelihood {very likely, possible, unlikely, . . . } – for severity: severity {catastrophic, severe, high, moderate, . . . } => risk likelihood-consequence table for each risk => risk comparison/prioritization on severity levels www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 41
Qualitative risk assessment table: example Risk: “Doors open while train moving” Consequences Likely Loss of life Catastrophic Serious injuries Catastrophic Risk likelihood Possible Catastrophic Unlikely Severe High Train car damaged High Moderate Low #passengers decreased High Low Moderate Low Bad airport reputation likelihood level severity level J Easy to use L Limited conclusions: coarse-grained, subjective estimates likelihood of consequences not considered www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 42
Risk assessment u (2) Quantitative assessment: use numerical estimates – for likelihoods: {0, 0. 1, 0. 2, . . . , 0. 9, 1. 0} or {0 -0. 3, 0. 3 -0. 5, 0. 5 -0. 7, 0. 7 -1. 0} – for severity: probability values probability intervals scale from 1 to 10 => Risk exposure for risk r with independent consequences c: Exposure (r) = åc Likelihood (c) ´ Severity (c) => Risk comparison/prioritization based on exposures (with risks weighted by their likelihood) J Finer-grained than qualitative assessment L Sill subjective estimates: not grounded on system phenomena => to be elicited from domain experts or data collection from accumulated experiments www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 43
Risk control u u Goal: Goal Reduce high-exposure risks through countermeasures – yields new or adapted requirements – should be cost-effective Cf. conflict management: www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 44
Exploring countermeasures u Using elicitation techniques – interviews, group sessions u Reusing known countermeasures e. g. generic countermeasures to top 10 risks [Boehm, 1989] – simulation " poor performance – prototyping, task analysis " poor usability – use of cost models " unrealistic budgets/schedules u Using risk reduction tactics www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 45
Risk reduction tactics u Reduce risk likelihood: likelihood new reqs to ensure significant decrease e. g. “Prompts for driver reaction regularly generated by software” u Avoid risk: risk new reqs to ensure risk may never occur e. g. “Doors may be opened by software-controlled actuators only” u Reduce consequence likelihood: likelihood new reqs to ensure significant decrease of consequence likelihood e. g. “Alarm generated in case of door opening while train moving” u Avoid risk consequence: consequence new reqs to ensure consequence may never occur e. g. “No collision in case of inaccurate speed/position estimates” u Mitigate risk consequence: consequence new reqs to reduce severity of consequence(s) e. g. “Waiting passengers informed of train delays” www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 46
Selecting preferred countermeasures u Evaluation criteria for preferred countermeasure: – contribution to critical non-functional requirements – contribution to resolution of other risks – cost-effectiveness u Cost-effectiveness is measured by risk-reduction leverage: leverage RRL (r, cm) = (Exp (r) - Exp (r|cm)) / Cost (cm) Exp (r): exposure of risk r Exp (r|cm): new exposure of r if countermeasure cm is selected => Select countermeasures with highest RRLs – refinable through cumulative countermeasures & RRLs www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 47
Risks should be documented u u To record/explain why these countermeasure reqs, to support system evolution For each identified risk: – conditions/events for occurrence – estimated likelihood – possible causes & consequences – estimated likelihood & severity of each consequence – identified countermeasures + risk-reduction leverages – selected countermeasures @ annotated risk tree u More on risk management & documentation in Chaps. 9, 16, 18 www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 48
Requirements evaluation: outline u Inconsistency management – Types of inconsistency – Handling inconsistencies – Managing conflicts: a systematic process u Risk analysis – – Types of risk Risk management Risk documentation DDP: quantitative risk management for RE u Evaluating alternative options for decision making u Requirements prioritization www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 49
DDP: quantitative risk management for RE u DDP = Defect Detection Prevention u Technique & tool developed at NASA [Feather, 2003] u Quantitative support for Identify-Assess-Control cycles u Three steps: www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 50
Step 1: Elaborate the Impact matrix u Build a risk-consequence table with domain experts for. . . – prioritizing risks by critical impact on all objectives – highlighting the most risk-driving objectives u For each objective obj, risk r: Impact (r, obj) = estimated loss of satisfaction of obj by r 0 (no loss) --> 1 (total loss) u Last line, for each risk r: Criticality (r) = Likelihood (r) ´ åobj (Impact (r, obj) ´ Weight (obj)) u Last column, for each objective obj: Loss (obj) = Weight (obj) ´ år (Impact (r, obj) ´ Likelihood (r)) www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 51
Impact matrix: example for library system www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 52
Step 2: Elaborate the Effectiveness matrix u Build a risk-countermeasure table with domain experts for. . . – estimating risk reduction by alternative countermeasures – highlighting most globally effective countermeasures u For each countermeasure cm, weighted risk r: Reduction (cm, r) = estimated reduction of r if cm applied 0 (no reduction) --> 1 (risk elimination) u Last line, for each risk r: combined. Reduction (r) = 1 - Pcm (1 - Reduction (cm, r)) u Last column, for each countermeasure cm: overall. Effect (cm) = år (Reduction (cm, r) ´ Criticality (r)) www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 53
Effectiveness matrix: example for library system www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 54
Step 3: Determine optimal balance risk reduction vs. countermeasure cost u u Cost of each countermeasure cm to be estimated with domain experts DDP can then visualize. . . – risk balance charts: residual impact of each risk on all objectives if cm is selected – optimal combinations of countermeasures for risk balance under cost constraints • simulated annealing search for near-optimal solutions • optimality criterion can be set by user e. g. “maximize satisfaction of objectives under this cost threshold” “minimize cost above this satisfaction threshold” www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 55
Requirements evaluation: outline u Inconsistency management – Types of inconsistency – Handling inconsistencies – Managing conflicts: a systematic process u Risk analysis – – Types of risk Risk management Risk documentation DDP: quantitative risk management for RE u Evaluating alternative options for decision making u Requirements prioritization www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 56
Evaluating alternative options for decision making u u u The RE process raises multiple alternative options of different types – alternative ways of satisfying a system objective – alternative assignments of responsibilities among system components – alternative resolutions of a conflict – alternative countermeasures to reduce a risk Preferred alternatives must be negotiated, selected. . . – agree on evaluation criteria (e. g. contribution to NFRs) – compare options according to criteria – select best option Qualitative or quantitative reasoning techniques for this www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 57
Qualitative reasoning for evaluating options u Goal: Goal determine qualitative contribution of each option to important non-functional requirements (NFRs): very positively (++), positively (+), negatively (-), very negatively (--) u u u Example: meeting scheduling Qualitative labels “+”, “-” on higher-level NFRs are obtained by bottom-up propagation from lower-level reqs in goal-subgoal refinement/conflict graph ([Chung et al 2000], see chap. 16) Given “+”, “-” contributions of each option to lowest-level reqs, option with best contribution to critical high-level NFRs is taken www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 58
Quantitative reasoning for evaluating options u u Build a weighted matrix for. . . – estimating score of each option on each evaluation criterion (weighted by relative importance) – selecting option with highest overall score on all criteria For each option opt, criterion crit: Score (opt, crit) = estimated score percentage of opt on crit 0 --> 1, Y/100 means “crit satisfied in Y% of cases” u Last line, for each option opt: total. Score (opt) = åcrit (Score (opt, crit) ´ Weight (crit)) www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 59
Requirements evaluation: outline u Inconsistency management – Types of inconsistency – Handling inconsistencies – Managing conflicts: a systematic process u Risk analysis – – Types of risk Risk management Risk documentation DDP: quantitative risk management for RE u Evaluating alternative options for decision making u Requirements prioritization www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 60
M u u u Requirements prioritization Elicited & evaluated reqs must be assigned priorities. . . – conflict resolution – resource limitations (budget, personnel, schedules) – incremental development – replanning due to unexpected problems Some principles for effective req prioritization. . . (1) by ordered levels of equal priority, in small number (2) qualitative & relative levels (“higher than”, . . . ) (3) comparable reqs: same granularity, same abstraction level (4) reqs not mutually dependent (one can be kept, another dropped) (5) agreed by key players Too early ranking at elicitation time might be subjective => risk of inadequate, inconsistent results www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 61
M u u Value-cost prioritization Systematic technique, meets principles (1) - (3) Three steps: 1. Estimate relative contribution of each req to project’s value 2. Estimate relative contribution of each req to project’s cost 3. Plot contributions on value-cost diagram: diagram shows what req fits what priority level according to value-cost tradeoff www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 62
M u Estimating relative contributions of requirements to project value & cost AHP technique from Decision Theory (“Analytic Hierarchy Process”, [Saati, 1980]) u Determines in what proportion each req R 1, . . . , RN contributes to criterion Crit u Applied twice: Crit = value, Crit = cost u Two steps: 1. Build comparison matrix: matrix estimates how Ri’s contribution to Crit compares to Rj’s 2. Determine how Crit distributes among all Ri www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 63
AHP, Step 1: Compare requirements pairwise M u Scale for comparing Ri’s contribution to Crit to Rj’s: 1: contributes equally 7 : contributes very strongly more 3: contributes slightly more 9 : contributes extremely more 5 : contributes strongly more u In comparison matrix, Rji = 1 / Rij (1 £ i, j £ N) Crit: value www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 64
M u AHP, Step 2: Evaluate how the criterion distributes among all requirements Criterion distribution = eigenvalues of comparison matrix 2. a Normalize columns: R’ij : = Rij / åi Rij 2. b Average accross lines: Contrib (Ri , Crit) = åj R’ij / N u AHP has rules for ensuring consistent estimates & ratios www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 65
M u u Plotting contributions on value-cost diagram Replay Steps 1 & 2 of AHP with Crit = cost Visualize value/cost contributions on diagram partitioned in selected priority levels www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 66
Requirements evaluation: summary u Inconsistencies are frequent during req acquisition – For clashes in terminology, designation, structure: a glossary of terms is best – For weak, strong conflicts: variety of techniques & heuristics to support cycles “identify overlaps, detect conflicts, generate resolutions, select preferred” u Product-/process-related risks must be carefully analyzed – Loss of satisfaction of system/development objectives – Variety of techniques for risk identification, incl. risk trees & their cut set – Likelihood of risks & consequences + severity need be assessed, qualitatively or quantitatively, with domain experts – Heuristics for exploring countermeasures, selecting costeffective ones – DDP: an integrated quantitative approach for RE risk management www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 67
Requirements evaluation: summary u (2) Alternative options need be evaluated for selecting preferred, agreed ones – Different types, incl. resolutions of conflicts & risks – Qualitative or quantitative reasoning for this (weighted matrices) u Requirements must be prioritized – Due to resource limitations, incremental development – Constraints for effective prioritization – AHP-based value-cost prioritization: a systematic technique Model-driven evaluation provides structure & comparability for what needs to be evaluated (see Part 2 of the book) www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 68
- Requirements elicitation lifecycle
- Questionnaire elicitation techniques
- Requirements elicitation questions example
- Identifying and non identifying adjective clauses
- Identifying and non identifying adjective clauses
- Identify the essential
- Teknik requirement elicitation
- Elicitation techniques
- Prototyping elicitation technique
- Seven distinct tasks to requirements engineering
- Numerical assignment
- Elicitation meaning
- System functional requirements
- Scottsdale explantation
- Software requirement and design
- Domain requirements
- Domain requirements
- Structured specification
- What is domain requirements
- Domain requirements
- Domain requirements in software engineering
- Domain requirements
- Domain requirements
- Comp requirements
- Domain requirements
- What is domain requirements
- Domain requirements
- Domain and range games
- Z domain to frequency domain
- Fourier series of trapezoidal waveform
- Roc in z transform
- Inverse z transform table
- Domain specific vs domain general
- Domain specific vs domain general
- Problem domain vs knowledge domain
- S domain to z domain
- A_______ bridges the specification gap between two pls.
- Examples of quote sandwiches
- Use case id
- Adversarial stakeholders
- Impact of business decisions on stakeholders
- Internal and external stakeholders examples
- Understanding your stakeholders
- C level stakeholders
- Real estate stakeholders
- Power and influence matrix
- Internal vs external stakeholders
- Internal stakeholders
- Stakeholders in business
- How to write background of the project
- Stakeholders scuola
- Stakeholders
- Stakeholders scuola
- Stakeholders and their interests
- Internal stakeholders examples
- Primary secondary stakeholders
- Stakeholder approach
- The corporation and its stakeholders
- Primary and secondary stakeholders
- Ford motor company stakeholders
- Interne stakeholders
- Possible conflicts between stakeholder groups
- Secondary stakeholders
- Role of employees as stakeholders
- Stakeholders in hiv prevention
- Gym stakeholders
- Onion model stakeholder analysis
- Stakeholders internal and external
- Teoria degli stakeholder