Domain analysis requirements elicitation outline u Identifying stakeholders
- Slides: 68
Domain analysis & requirements elicitation: outline u Identifying stakeholders & interacting with them u Artifact-driven elicitation techniques – – – u Background study Data collection, questionnaires Repertory grids, card sorts for concept acquisition Scenarios, storyboards for problem world exploration Prototypes, mock-ups for early feedback Knowledge reuse: domain-independent, domain-specific Stakeholder-driven elicitation techniques – Interviews – Observation and ethnographic studies – Group sessions www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 1
Interviews u Primary technique for knowledge elicitation 1. Select stakeholder specifically for info to be acquired (domain expert, manager, salesperson, end-user, consultant, . . . ) 2. Organize meeting with interviewee, ask questions, record answers 3. Write report from interview transcripts 4. Submit report to interviewee for validation & refinement u Single interview may involve multiple stakeholders J saves times L weaker contact; individuals less involved, speak less freely u Interview effectiveness: effectiveness (utility x coverage of acquired info) / acquisition time www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 2
Types of interviews u Structured interview: predetermined set of questions – specific to purpose of interview – some open-ended, others with pre-determined answer set => more focused discussion, no rambling among topics u Unstructured interview: no predetermined set of questions – free discussion about system-as-is, perceived problems, proposed solutions => exploration of possibly overlooked issues => Effective interviews should mix both modes. . . – start with structured parts – shift to unstructured parts as felt necessary www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 3
Interviews: strengths & difficulties J May reveal info not acquired through other techniques – how things are running really, personal complaints, suggestions for improvement, . . . J On-the-fly acquisition of info appearing relevant – new questions triggered from previous answers L Acquired info might be subjective (hard to assess) L Potential inconsistencies between different interviewees L Effectiveness critically relies on interviewer’s attitude, appropriateness of questions => Interviewing guidelines www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 4
Guidelines for effective interviews u u Identify the right interviewee sample for full coverage of issues – different responsibilities, expertise, tasks, exposure to problems Come prepared, to focus on right issue at right time – background study first – pre-design a sequence of questions for this interviewee u Centre the interview on the interviewee’s work & concerns u Keep control over the interview u Make the interviewee feel comfortable – Start: break ice, provide motivation, ask easy questions – Consider the person too, not only the role – Do always appear as a trustworthy partner www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 5
Guidelines for effective interviews (2) u Be focused, keep open-ended questions for the end u Be open-minded, flexible in case of unexpected answers u Ask why-questions without being offending u Avoid certain types of questions. . . – opinionated or biased – affirmative – obvious or impossible answer for this interviewee u Edit & structure interview transcripts while still fresh in mind – including personal reactions, attitudes, etc u Keep interviewee in the loop – co-review interview transcript for validation & refinement Model-driven interviews may help structure them (see Part 2 of the book) www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 6
Observation & ethnographic studies u u Focus on task elicitation in the system-as-is Understanding a task is often easier by observing people performing it (rather than verbal or textual explanation) – cf. tying shoelaces u Passive observation: no interference with task performers – Watch from outside, record (notes, video), edit transcripts, interpret – Protocol analysis: analysis task performers concurrently explain it – Ethnographic studies: studies over long periods of time, try to discover emergent properties of social group involved about task performance + attitudes, reactions, gestures, . . . u Active observation: you get involved in the task, even become a team member www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 7
Observation & ethnographic studies: pros & cons J May reveal. . . – tacit knowledge that would not emerge otherwise e. g. ethnographic study of air traffic control => implicit mental model of air traffic to be preserved in system-to-be – hidden problems through tricky ways of doing things – culture-specific aspects to be taken into account J Contextualization of acquired info L Slow & expensive: to be done over long periods of time, at different times, under different workload conditions L Potentially inaccurate (people behave differently when observed) L Data mining problem, interpretation problem L Focus on system-as-is Some of the interviewing guidelines are relevant www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 8
Group sessions u u u More perception, judgment, invention from interactions within group of diverse people Elicitation takes place in series of group workshops (a few days each) + follow-up actions audiovisuals, wall charts to foster discussion, record outcome Structured group sessions: – Each participant has a clearly defined role (leader, moderator, manager, user, developer, . . . ) – Contributes to req elaboration according to his/her role, towards reaching synergies – Generally focused on high-level reqs – Variants: focus groups, JAD, QFD, . . . www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 9
Group sessions u (2) Unstructured group sessions (brainstorming): – Participants have a less clearly defined role – Two separate stages. . . 1. Idea generation to address a problem: as many ideas as possible from each participant without censorship/criticism 2. Idea evaluation: evaluation by all participants together according to agreed criteria (e. g. value, cost, feasibility) to prioritize ideas www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 10
Group sessions: pros & cons J Less formal interactions than interviews => may reveal hidden aspects of the system (as-is or to-be) J Potentially. . . – wider exploration of issues & ideas – more inventive ways of addressing problems J Synergies => agreed conflict resolutions L Group composition is critical. . . – time consuming for key, busy people – heavily relying on leader expertise & skills – group dynamics, dominant persons => biases, inadequacies L Risk of. . . – missing focus & structure => rambling discussions, little concrete outcome, waste of time – superficial coverage of more technical issues www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 11
Combining techniques u u Elicitation techniques have complementary strengths & limitations Strength-based combinations are more effective for full, adequate coverage – artifact-driven + stakeholder-driven u Examples – Contextual Inquiry: Inquiry workplace observation + open-ended interviews + prototyping – RAD: RAD JAD group sessions + evolutionary prototyping (with code generation tools) u Techniques from other RE phases support elicitation too – Resolution of conflicts, risks, omissions, etc. www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 12
Domain analysis & requirements elicitation: summary u u Identifying the right stakeholders, interacting the right way Artifact-driven elicitation techniques – – – u Background study as a prerequisite Data collection, questionnaires for preparing interviews Repertory grids, card sorts for concept characterization Scenarios, storyboards for concrete exploration Prototypes, mock-ups for early feedback & adequacy check Knowledge reuse brings a lot: domain-independent, domain-specific Stakeholder-driven elicitation techniques – Interviews are essential - structured, unstructured, cf. guidelines – Observation, ethnographic studies for hidden knowledge – Group sessions for broader, more inventive acquisition & agreement Model-driven elicitation provides focus & structure for what needs to be elicited (see Part 2 of the book) www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 13
www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 14
Requirements Engineering From System Goals to UML Models to Software Specifications Axel Van Lamsweerde www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 15
Fundamentals of RE Chapter 3 Requirements Evaluation www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 16
Chap. 1: RE products and processes alternative options Chap. 2: Elicitation techniques consolidated requirements Chap. 3: Evaluation techniques start agreed requirements documented requirements www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 17
Negotiation-based decision making: as introduced in Chapter 1. . . u u Identification & resolution of inconsistencies – conflicting stakeholder viewpoints, non-functional reqs, . . . – to reach agreement Identification, assessment & resolution of system risks – critical objectives not met, e. g. safety hazards, security threats, development risks, . . . – to get new reqs for more robust system-to-be Comparison of alternative options, options selection of preferred ones – different ways of: meeting same objective, assigning responsibilities, resolving conflicts & risks Requirements prioritization – to resolve conflicts, address cost/schedule constraints, support incremental development www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 18
Requirements evaluation: outline u Inconsistency management – Types of inconsistency – Handling inconsistencies – Managing conflicts: a systematic process u Risk analysis – – Types of risk Risk management Risk documentation DDP: quantitative risk management for RE u Evaluating alternative options for decision making u Requirements prioritization www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 19
Inconsistency management u Inconsistency = violation of consistency rule among items u Inconsistencies are highly frequent in RE – inter-viewpoints: inter-viewpoints each stakeholder has its own focus & concerns (e. g. domain experts vs. marketing dept) – intra-viewpoint: intra-viewpoint conflicting quality reqs (e. g. security vs. usability) u Inconsistencies must be detected and resolved. . . – not too soon: to allow further elicitation within viewpoint – not too late: to allow software development (anything may be developed from inconsistent specs) www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 20
Types of inconsistency in RE u Terminology clash: clash same concept named differently in different statements e. g. library management: “borrower” vs. “patron” u Designation clash: clash same name for different concepts in different statements e. g. “user” for “library user” vs. “library software user” u Structure clash: clash same concept structured differently in different statements e. g. “latest return date” as time point (e. g. Fri 5 pm) vs. time interval (e. g. Friday) www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 21
Types of inconsistency in RE u (2) Strong conflict: conflict statements not satisfiable together – i. e. logically inconsistent: S, not S e. g. “participant constraints may not be disclosed to anyone else” vs. “the meeting initiator should know participant constraints” u Weak conflict (divergence): statements not satisfiable together under some boundary condition – i. e. strongly conflicting if B holds: potential conflict – MUCH more frequent in RE e. g. (staff’s viewpoint) “patrons shall return borrowed copies within X weeks” vs. (patron’s viewpoint) “patrons shall keep borrowed copies as long as needed” B: “a patron needing a borrowed copy more than X weeks” www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 22
Handling inconsistencies u Handling clashes in terminology, designation, structure: through agreed glossary of terms to stick to – For some terms, if needed: accepted synonym(s) – To be built during elicitation phase u Weak, strong conflicts: more difficult, deeper causes. . . – Often rooted in underlying personal objectives of stakeholders => to be handled at root level and propagated to requirements level – Inherent to some non-functional concerns (performance vs. safety, confidentiality vs. awareness, . . . ) => exploration of preferred tradeoffs – Example: spiral, negotiation-based reconciliation of win conditions [Boehm et al, 1995] www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 23
Managing conflicts: a systematic process u Overlap = reference to common terms or phenomena – precondition for conflicting statements – e. g. gathering meeting constraints, determining schedules u Conflict detection. . . (see Chapters 16, 18) – informally – using heuristics on conflicting req categories “Check information req & confidentiality req on related objects” “Check reqs on decreasing & increasing related quantities” – using conflict patterns – formally (theorem proving techniques) www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 24
Detected conflicts should be documented u For later resolution, for impact analysis ? statement in multiple conflicts, most conflicting statements, . . . ? u u Using documentation tools, query tools along Conflict links recorded in requirements database Or in interaction matrix: matrix Statement Sij = S 1 S 2 S 3 S 4 Total S 1 0 1000 1 1 1002 1: conflict S 2 1000 0: no overlap S 3 1 0 0 1 2 S 4 1 0 2 Total 1002 1000 2 2 2006 1000: no conflict #Conflicts(S 1) = remainder. Of (1002 div 1000) #non. Conflicting. Overlaps(S 1) = quotient. Of (1002 div 1000) www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 25
Managing conflicts: a systematic process u (2) For optimal resolution, better to. . . – explore multiple candidate resolutions first, – compare, select/agree on most preferred next u To generate candidate resolutions, use. . . – elicitation techniques (interviews, group sessions) – resolution tactics www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 26
Conflict resolution tactics u Avoid boundary condition e. g. “Keep copies of highly needed books unborrowable” u Restore conflicting statements e. g. “Copy returned within X weeks and then borrowed again” u Weaken conflicting statements e. g. “Copy returned within X weeks unless explicit permission” u Drop lower-priority statements u Specialize conflict source or target e. g. “Book loan status known by staff users only” Transform conflicting statements or involved objects, or introduce new requirements www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 27
Managing conflicts: a systematic process u (3) Evaluation criteria for preferred resolution: – contribution to critical non-functional requirements – contribution to resolution of other conflicts & risks u See. . . – Sect. 3. 3 in this chapter (“Evaluating alternative options”) – Chapters 16, 18 www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 28
Requirements evaluation: outline u Inconsistency management – Types of inconsistency – Handling inconsistencies – Managing conflicts: a systematic process u Risk analysis – Types of risk – – – Risk management Risk documentation DDP: quantitative risk management for RE u Evaluating alternative options for decision making u Requirements prioritization www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 29
What is a risk ? u Uncertain factor whose occurrence may result in loss of satisfaction of a corresponding objective e. g. a passenger forcing doors opening while train moving a meeting participant not checking email regularly u A risk has. . . – a likelihood of occurrence, – one or more undesirable consequences e. g. passengers falling out of train moving with doors open u Each risk consequence has. . . – a likelihood of occurrence if the risk occurs (not to be confused with risk likelihood) – a severity: severity degree of loss of satisfaction of objective www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 30
Types of RE risk u Product-related risks: negative impact on functional or nonfunctional objectives of the system => failure to deliver services or quality of service e. g. security threats, safety hazards u Process-related risks: negative impact on development objectives => delayed delivery, cost overruns, . . . e. g. personnel turnover www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 31
RE risk management what system-specific risks? u u likely? severe, likely consequences? countermeasures as new reqs Risk management is iterative – countermeasures may introduce new risks Poor risk management is a major cause of software failure – natural inclination to conceive over-ideal systems (nothing can go wrong) – unrecognized, underestimated risks => incomplete, inadequate reqs www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 32
Risk identification: risk checklists u Instantiation of risk categories to project specifics – associated with corresponding req categories u (cf. Chap. 1) Product-related risks: req unsatisfaction in functional or quality req categories – info inaccuracy, unavailability, unusability, poor response time, poor peak throughput, . . . e. g. ? inaccurate estimates of train speed, positions ? u Process-related risks: top 10 risks [Boehm, 1989] – req volatility, personnel shortfalls, dependencies on external sources, unrealistic schedules/budgets, . . . – poor risk management e. g. ? unexperienced developer team for train system ? www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 33
Risk identification: component inspection u u For product-related risks Review each component of the system-to-be: human, device, software component. . . – can it fail? – how? – why? – what are possible consequences? e. g. on-board train controller, station computer, tracking system, communication infrastructure, . . . u Finer-grained components => more accurate analysis e. g. acceleration controller, doors controller, track sensors, . . . www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 34
Risk identification: risk trees u Tree organization for causal linking of failures, causes, consequences – similar to fault trees in safety, threat trees in security u u Failure node = independent failure event or condition – decomposable into finer-grained nodes AND/OR links: links causal links through logical nodes. . . – AND-node: AND-node child nodes must all occur for parent node to occur as consequence – OR-node: OR-node only one child node needs to occur www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 35
Risk tree: example www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 36
Building risk trees: heuristic identification of failure nodes u Checklists, component failure u Guidewords = keyword-based patterns of failure – NO: “something is missing” – MORE: “there are more things than expected” – LESS: “there are fewer things than expected” – BEFORE: “something occurs earlier than expected” – AFTER: “something occurs later than expected” u But. . . problems frequently due to combinations of basic failure events/conditions. . . www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 37
Analyzing failure combinations: cut set of a risk tree u Cut set of risk tree RT: set of minimal AND-combinations of RT’s leaf nodes sufficient for causing RT’s root node – Cut-set tree of RT: set of its leaf nodes = RT’s cut set u Derivation of cut-set tree CST of RT: – CST’s top node : = RT’s top logical node – If current CST node is OR-node: OR expand it with RT’s corresponding alternative child nodes If current CST node is AND-node: AND expand it in single aggregation of RT’s conjoined child nodes – Termination when CST’s child nodes are all aggregations of leaf nodes from RT www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 38
Cut-set tree derivation: example Cut set = {{TM, WR}, {TM, WA}, {TM, WS}, {TM, WI}, {TM, DAF}, {TM, SF}, {TM, PFDO}} all combinations of bad circumstances for root risk to occur www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 39
Risk identification: using elicitation techniques u Scenarios to point out failures from WHAT IF questions – interactions not occurring – interactions occurring too late – unexpected interactions (e. g. under wrong conditions), . . . u u Knowledge reuse: reuse typical risks from similar systems Group sessions focussed on identification of project-specific risks www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 40
Risk assessment u u Goal: Goal assess likelihood of risks + severity, likelihood of consequences, to control high-priority risks Qualitative assessment: use qualitative estimates (levels) – for likelihood: likelihood {very likely, possible, unlikely, . . . } – for severity: severity {catastrophic, severe, high, moderate, . . . } => risk likelihood-consequence table for each risk => risk comparison/prioritization on severity levels www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 41
Qualitative risk assessment table: example Risk: “Doors open while train moving” Consequences Likely Loss of life Catastrophic Serious injuries Catastrophic Risk likelihood Possible Catastrophic Unlikely Severe High Train car damaged High Moderate Low #passengers decreased High Low Moderate Low Bad airport reputation likelihood level severity level J Easy to use L Limited conclusions: coarse-grained, subjective estimates likelihood of consequences not considered www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 42
Risk assessment u (2) Quantitative assessment: use numerical estimates – for likelihoods: {0, 0. 1, 0. 2, . . . , 0. 9, 1. 0} or {0 -0. 3, 0. 3 -0. 5, 0. 5 -0. 7, 0. 7 -1. 0} – for severity: probability values probability intervals scale from 1 to 10 => Risk exposure for risk r with independent consequences c: Exposure (r) = åc Likelihood (c) ´ Severity (c) => Risk comparison/prioritization based on exposures (with risks weighted by their likelihood) J Finer-grained than qualitative assessment L Sill subjective estimates: not grounded on system phenomena => to be elicited from domain experts or data collection from accumulated experiments www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 43
Risk control u u Goal: Goal Reduce high-exposure risks through countermeasures – yields new or adapted requirements – should be cost-effective Cf. conflict management: www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 44
Exploring countermeasures u Using elicitation techniques – interviews, group sessions u Reusing known countermeasures e. g. generic countermeasures to top 10 risks [Boehm, 1989] – simulation " poor performance – prototyping, task analysis " poor usability – use of cost models " unrealistic budgets/schedules u Using risk reduction tactics www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 45
Risk reduction tactics u Reduce risk likelihood: likelihood new reqs to ensure significant decrease e. g. “Prompts for driver reaction regularly generated by software” u Avoid risk: risk new reqs to ensure risk may never occur e. g. “Doors may be opened by software-controlled actuators only” u Reduce consequence likelihood: likelihood new reqs to ensure significant decrease of consequence likelihood e. g. “Alarm generated in case of door opening while train moving” u Avoid risk consequence: consequence new reqs to ensure consequence may never occur e. g. “No collision in case of inaccurate speed/position estimates” u Mitigate risk consequence: consequence new reqs to reduce severity of consequence(s) e. g. “Waiting passengers informed of train delays” www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 46
Selecting preferred countermeasures u Evaluation criteria for preferred countermeasure: – contribution to critical non-functional requirements – contribution to resolution of other risks – cost-effectiveness u Cost-effectiveness is measured by risk-reduction leverage: leverage RRL (r, cm) = (Exp (r) - Exp (r|cm)) / Cost (cm) Exp (r): exposure of risk r Exp (r|cm): new exposure of r if countermeasure cm is selected => Select countermeasures with highest RRLs – refinable through cumulative countermeasures & RRLs www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 47
Risks should be documented u u To record/explain why these countermeasure reqs, to support system evolution For each identified risk: – conditions/events for occurrence – estimated likelihood – possible causes & consequences – estimated likelihood & severity of each consequence – identified countermeasures + risk-reduction leverages – selected countermeasures @ annotated risk tree u More on risk management & documentation in Chaps. 9, 16, 18 www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 48
Requirements evaluation: outline u Inconsistency management – Types of inconsistency – Handling inconsistencies – Managing conflicts: a systematic process u Risk analysis – – Types of risk Risk management Risk documentation DDP: quantitative risk management for RE u Evaluating alternative options for decision making u Requirements prioritization www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 49
DDP: quantitative risk management for RE u DDP = Defect Detection Prevention u Technique & tool developed at NASA [Feather, 2003] u Quantitative support for Identify-Assess-Control cycles u Three steps: www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 50
Step 1: Elaborate the Impact matrix u Build a risk-consequence table with domain experts for. . . – prioritizing risks by critical impact on all objectives – highlighting the most risk-driving objectives u For each objective obj, risk r: Impact (r, obj) = estimated loss of satisfaction of obj by r 0 (no loss) --> 1 (total loss) u Last line, for each risk r: Criticality (r) = Likelihood (r) ´ åobj (Impact (r, obj) ´ Weight (obj)) u Last column, for each objective obj: Loss (obj) = Weight (obj) ´ år (Impact (r, obj) ´ Likelihood (r)) www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 51
Impact matrix: example for library system www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 52
Step 2: Elaborate the Effectiveness matrix u Build a risk-countermeasure table with domain experts for. . . – estimating risk reduction by alternative countermeasures – highlighting most globally effective countermeasures u For each countermeasure cm, weighted risk r: Reduction (cm, r) = estimated reduction of r if cm applied 0 (no reduction) --> 1 (risk elimination) u Last line, for each risk r: combined. Reduction (r) = 1 - Pcm (1 - Reduction (cm, r)) u Last column, for each countermeasure cm: overall. Effect (cm) = år (Reduction (cm, r) ´ Criticality (r)) www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 53
Effectiveness matrix: example for library system www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 54
Step 3: Determine optimal balance risk reduction vs. countermeasure cost u u Cost of each countermeasure cm to be estimated with domain experts DDP can then visualize. . . – risk balance charts: residual impact of each risk on all objectives if cm is selected – optimal combinations of countermeasures for risk balance under cost constraints • simulated annealing search for near-optimal solutions • optimality criterion can be set by user e. g. “maximize satisfaction of objectives under this cost threshold” “minimize cost above this satisfaction threshold” www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 55
Requirements evaluation: outline u Inconsistency management – Types of inconsistency – Handling inconsistencies – Managing conflicts: a systematic process u Risk analysis – – Types of risk Risk management Risk documentation DDP: quantitative risk management for RE u Evaluating alternative options for decision making u Requirements prioritization www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 56
Evaluating alternative options for decision making u u u The RE process raises multiple alternative options of different types – alternative ways of satisfying a system objective – alternative assignments of responsibilities among system components – alternative resolutions of a conflict – alternative countermeasures to reduce a risk Preferred alternatives must be negotiated, selected. . . – agree on evaluation criteria (e. g. contribution to NFRs) – compare options according to criteria – select best option Qualitative or quantitative reasoning techniques for this www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 57
Qualitative reasoning for evaluating options u Goal: Goal determine qualitative contribution of each option to important non-functional requirements (NFRs): very positively (++), positively (+), negatively (-), very negatively (--) u u u Example: meeting scheduling Qualitative labels “+”, “-” on higher-level NFRs are obtained by bottom-up propagation from lower-level reqs in goal-subgoal refinement/conflict graph ([Chung et al 2000], see chap. 16) Given “+”, “-” contributions of each option to lowest-level reqs, option with best contribution to critical high-level NFRs is taken www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 58
Quantitative reasoning for evaluating options u u Build a weighted matrix for. . . – estimating score of each option on each evaluation criterion (weighted by relative importance) – selecting option with highest overall score on all criteria For each option opt, criterion crit: Score (opt, crit) = estimated score percentage of opt on crit 0 --> 1, Y/100 means “crit satisfied in Y% of cases” u Last line, for each option opt: total. Score (opt) = åcrit (Score (opt, crit) ´ Weight (crit)) www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 59
Requirements evaluation: outline u Inconsistency management – Types of inconsistency – Handling inconsistencies – Managing conflicts: a systematic process u Risk analysis – – Types of risk Risk management Risk documentation DDP: quantitative risk management for RE u Evaluating alternative options for decision making u Requirements prioritization www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 60
M u u u Requirements prioritization Elicited & evaluated reqs must be assigned priorities. . . – conflict resolution – resource limitations (budget, personnel, schedules) – incremental development – replanning due to unexpected problems Some principles for effective req prioritization. . . (1) by ordered levels of equal priority, in small number (2) qualitative & relative levels (“higher than”, . . . ) (3) comparable reqs: same granularity, same abstraction level (4) reqs not mutually dependent (one can be kept, another dropped) (5) agreed by key players Too early ranking at elicitation time might be subjective => risk of inadequate, inconsistent results www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 61
M u u Value-cost prioritization Systematic technique, meets principles (1) - (3) Three steps: 1. Estimate relative contribution of each req to project’s value 2. Estimate relative contribution of each req to project’s cost 3. Plot contributions on value-cost diagram: diagram shows what req fits what priority level according to value-cost tradeoff www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 62
M u Estimating relative contributions of requirements to project value & cost AHP technique from Decision Theory (“Analytic Hierarchy Process”, [Saati, 1980]) u Determines in what proportion each req R 1, . . . , RN contributes to criterion Crit u Applied twice: Crit = value, Crit = cost u Two steps: 1. Build comparison matrix: matrix estimates how Ri’s contribution to Crit compares to Rj’s 2. Determine how Crit distributes among all Ri www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 63
AHP, Step 1: Compare requirements pairwise M u Scale for comparing Ri’s contribution to Crit to Rj’s: 1: contributes equally 7 : contributes very strongly more 3: contributes slightly more 9 : contributes extremely more 5 : contributes strongly more u In comparison matrix, Rji = 1 / Rij (1 £ i, j £ N) Crit: value www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 64
M u AHP, Step 2: Evaluate how the criterion distributes among all requirements Criterion distribution = eigenvalues of comparison matrix 2. a Normalize columns: R’ij : = Rij / åi Rij 2. b Average accross lines: Contrib (Ri , Crit) = åj R’ij / N u AHP has rules for ensuring consistent estimates & ratios www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 65
M u u Plotting contributions on value-cost diagram Replay Steps 1 & 2 of AHP with Crit = cost Visualize value/cost contributions on diagram partitioned in selected priority levels www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 66
Requirements evaluation: summary u Inconsistencies are frequent during req acquisition – For clashes in terminology, designation, structure: a glossary of terms is best – For weak, strong conflicts: variety of techniques & heuristics to support cycles “identify overlaps, detect conflicts, generate resolutions, select preferred” u Product-/process-related risks must be carefully analyzed – Loss of satisfaction of system/development objectives – Variety of techniques for risk identification, incl. risk trees & their cut set – Likelihood of risks & consequences + severity need be assessed, qualitatively or quantitatively, with domain experts – Heuristics for exploring countermeasures, selecting costeffective ones – DDP: an integrated quantitative approach for RE risk management www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 67
Requirements evaluation: summary u (2) Alternative options need be evaluated for selecting preferred, agreed ones – Different types, incl. resolutions of conflicts & risks – Qualitative or quantitative reasoning for this (weighted matrices) u Requirements must be prioritized – Due to resource limitations, incremental development – Constraints for effective prioritization – AHP-based value-cost prioritization: a systematic technique Model-driven evaluation provides structure & comparability for what needs to be evaluated (see Part 2 of the book) www. wileyeurope. com/college/van lamsweerde Chap. 1: Setting the Scene © 2009 John Wiley and Sons 68
Requirements elicitation lifecycle
Questionnaire elicitation techniques
Requirements elicitation questions example
Identifying and non identifying adjective clauses
Identifying and non identifying adjective clauses
Identify the essential
Teknik requirement elicitation
Elicitation techniques
Prototyping elicitation technique
Seven distinct tasks to requirements engineering
Numerical assignment
Elicitation meaning
System functional requirements
Scottsdale explantation
Software requirement and design
Domain requirements
Domain requirements
Structured specification
What is domain requirements
Domain requirements
Domain requirements in software engineering
Domain requirements
Domain requirements
Comp requirements
Domain requirements
What is domain requirements
Domain requirements
Domain and range games
Z domain to frequency domain
Fourier series of trapezoidal waveform
Roc in z transform
Inverse z transform table
Domain specific vs domain general
Domain specific vs domain general
Problem domain vs knowledge domain
S domain to z domain
A_______ bridges the specification gap between two pls.
Examples of quote sandwiches
Use case id
Adversarial stakeholders
Impact of business decisions on stakeholders
Internal and external stakeholders examples
Understanding your stakeholders
C level stakeholders
Real estate stakeholders
Power and influence matrix
Internal vs external stakeholders
Internal stakeholders
Stakeholders in business
How to write background of the project
Stakeholders scuola
Stakeholders
Stakeholders scuola
Stakeholders and their interests
Internal stakeholders examples
Primary secondary stakeholders
Stakeholder approach
The corporation and its stakeholders
Primary and secondary stakeholders
Ford motor company stakeholders
Interne stakeholders
Possible conflicts between stakeholder groups
Secondary stakeholders
Role of employees as stakeholders
Stakeholders in hiv prevention
Gym stakeholders
Onion model stakeholder analysis
Stakeholders internal and external
Teoria degli stakeholder
