Chương 8: Modeling System Objectives with Goal Diagrams ppsx

Building System Models for REChapter 8 Modeling System Objectives with Goal Diagrams... Goal modeling: outline Goal features as model annotations  Goal refinement  Capturing conflict

Trang 1

Building System Models for RE

Chapter 8 Modeling System Objectives

with Goal Diagrams

Trang 2

Intentional view of the modeled system

Chap.10: Conceptual objects Chap.11: Agents

on what?

who ?

Trang 3

Goals as seen in Chapter 7

through cooperation of its agents

– formulated in terms of problem world phenomena

– at various levels of abstraction/granularity

satisfaction

– requirements, expectations: single-agent goals

Trang 4

A goal model shows contribution links

and leafgoal assignments

AND-refinement OR-

refinement

Trang 5

Goal modeling: outline

 Goal features as model annotations

 Goal refinement

 Capturing conflicts among goals

 Connecting the goal model with other system views

 Capturing alternative options

 Goal diagrams as AND/OR graphs

 Documenting goal refinements & assignments with

annotations

 Building goal models: heuristic rules & reusable patterns

Trang 6

Goal features are specified in model annotations

Goal Maintain [ DoorsClosedWhileMoving ]

Def All train doors shall be kept closed at any time

when the train is moving

[ FormalSpec   in temporal logic for analysis, not in this chapter not  ] [ Category Safety ]

[ Priority Highest ]

[ Source From interview with railway engineer X ]

DoorsClosedWhileMoving

precise definition goal

features

annotation

Trang 8

Goal refinement

 An AND-refinement of goal AND-refinement G into subgoals G1, , Gn states

The set { G1, , Gn} is called refinement of refinement G

Subgoal Gi is said to contribute positively to contribute positively G

Achieve [BookRequestSatisfied]

Achieve [ CopyBorrowed

If Available]

Achieve [CopyDueSoon

If Not Available]

Def In case a requested book has no copy available for check out,

a copy of that book shall be made available within 2 weeks for check out by the requesting patron.

goal AND-refinement

Trang 9

AND-refinements should be complete

 { G1, , Gn} is a complete AND-refinement of complete AND-refinement G iff satisfying G1, ., Gn is sufficient for satisfying G in view of known domain

properties

{ G1, , Gn, Dom}  G Achieve [BookRequestSatisfied]

complete AND-refinement (claim)

Achieve[ CopyReserved] Maintain[AvailabilityEnforced]

Trang 10

Complete AND- refinements

 Domain properties are often used for arguing about complete refinements

– classified as

• domain invariants: known to hold in every state domain invariants

"train doors are either open or closed"

• domain hypotheses: assumed to hold in specific states domain hypotheses "railway tracks are in good conditions "

– attached to conceptual objects in the object model

Trang 11

Domain properties in AND- refinements

Trang 12

AND-refinements should also be

consistent and minimal

may not contradict each other:

{ G1, , Gn, Dom}  false

(any behavior would be permitted from false)

necessarily satisfied:

{ G1, , Gj-1, Gj+1, , Gn, Dom}  G (to avoid unnecessarily restrictive requirements or expectations)

Trang 13

Refinement trees

 Goals are recursively refinable

 Leaf nodes = goals assignable to single system agents

TrainController

software agent environment

Trang 14

Refinement trees visualize satisfaction arguments

Avoid [TrainsOn SameBlock]

HighFrequency

OfTrains

…

SignalSafely KeptToStop

Trang 15

Chaining satisfaction arguments into

argumentation trees

To show how requirements ensure higher-level concerns, and

recursively

MotorRaising  HandBrakeReleased

Trang 16

Trang 17

Trang 18

Capturing potential conflicts among goals

be found making them unsatisfiable together:

SpeedBelow BlockLimit

SignalSafely KeptToStop

WhenAlarm

DoorsOpenWhen Alarm&Stopped RapidTransportation

Trang 19

Connecting the goal model with

other system views

Interface links

Interface links relate goals to other sub-models   traceability

 Responsibility: Responsibility instances of Agent are the only ones to restrict behaviors

to satisfy Goal

 Obstruction: Obstruction satisfaction of Obstacle inhibits satisfaction of Goal

 Concern: Concern specification of Goal refers to Object

 0perationalization: 0perationalization spec of Operations ensures satisfaction of Goal

 Coverage: Coverage behaviors prescribed by Goal cover Scenario

Goal Obstacle

Goal Object

Goal

Trang 20

 Goal refinement

annotations

Trang 21

Capturing options: alternative refinements

 An OR-refinement of goal G into refinements R1, , Rm states

alternative

Trang 22

Capturing options: alternative assignments

 An OR-assignment of goal G to agents A1, , Am states that G

can be satisfied by behavioral restrictions of any of the

( e.g different degrees of automation)

EffectiveBiblioSearch

AccurateBook ClassificationByTopic LibraryCoverage Comprehensive

AutoClassifier LibraryStaff

alternative assignments

Trang 23

Goal diagrams as AND/OR graphs

 AND/OR graph shows how goal nodes contribute to each other contribute

– roots roots = high-level system goals

• functional or non-functional

• behavioral or soft

– leaves leaves = requirements or expectations

• assignable to single agents

– an AND-refinement links a parent goal to set of conjoined subgoals AND-refinement

– an OR-refinement links a parent goal to a set of alternative AND- OR-refinement refinements => alternative system options

• soft goals in the graph are used to select preferred options

 Generally a directed acyclic graph, not a tree

– multiple roots (e.g functional, non-functional goals)

– a goal may contribute to multiple parent goals

Trang 24

Goal diagrams as AND/OR graphs (2)

NoTrainCollision SafeTransportation

system-as-is to-be

WorstCaseStopping DistanceMaintained NoTrainsOn SameBlock

HighFrequency

AND-refinement

OR-refinement

Trang 25

Accurate Classification

CopyDueSoon WhenNotAvailable

Availability Enforced

Availability Notified

LimitedLoan LimitedLoan

Goal diagrams as AND/OR graphs (3)

Trang 26

Annotating goal refinements & assignments

 Optional features

– Name: for unambiguous reference Name

– SysRef: for associating alternatives to system versions SysRef

– Tactic: for documenting refinement tactic Tactic (cf ref patterns)

FastJourney

FastRunToNextBlock

If GoSignal SignalPromptly SetToGo

TrainController TrainDriver

Avoid [TrainCollisions]

Maintain [WorstCase StoppingDistance]

TrainWaiting Unless OnNextBlock

Tactic Guard introduction

Name DriverlessStart SysRef SystemToBe

SysRef SystemAsIs

Name AccelerationControl SysRef SystemToBe

Trang 27

 Goal refinement

annotations

Trang 28

Heuristic rules for early discovery of goals

 Analyze current objectives & problems in system- as-is .

– preserve strategic, organization-specific objectives & policies

 high-level goals for system-to-be

e.g Effective access to state-of-the-art knowledge

– preserve application-specific objectives to be found in any system version

e.g Accurate book classification

– analyze problems & deficiencies in system- as-is

 goals of system- to-be : Avoid / Reduce / Improve them

e.g Anywhere anytime biblio search

Trang 29

Heuristic rules for early discovery of goals (2)

 Search for goal-related keywords in elicitation material goal-related keywords (documents available,

interview transcripts, etc.)

– intentional: in order to, so as to, so that, purpose, objective, aim, achieve, maintain,

avoid, ensure, guarantee, want, motivate, expect,

– prescriptive: shall, should, must, has to, to be, may not, may never,

– amelioration: improve, increase, decrease, reduce, enhance, enable, support, provide,

+ refinement links: “in order to in order to X the system has to Y “, .

(to be checked against false positives)

X

Trang 30

Heuristic rules for early discovery of goals (3)

– Browse leaves of taxonomies of functional & non-functional goals, looking for system-specific instances

– e.g Any Information goal concerning train passengers? Information

Any Accuracy goal about train information? Accuracy

Any Confidentiality goal about meeting participants? Confidentiality

Goal Functional goal Non-functional goal

Quality of service Compliance Architectural Development

Confident i ality Integrity Availability

Distribution Installation

Safety Security Reliability Performance Cost Maintainability

Time Space

Deadline Variability Software

interoperability

Interface

User interaction

Device interaction

Satisfaction Information Stim-Response

Accuracy

Cost

Trang 31

Heuristic rules for later discovery of goals

- lower-level goals

- interaction scenarios being elicited

- other operational material available

=> parent goals

- higher-level-goals

=> subgoals

– WHY? directly followed by WHY? HOW? on parent goal, to HOW?

elicit missing “brothers”

– HOW ELSE? to explore alternatives HOW ELSE?

Trang 32

CopyBorrowed WhenAvailable

Copy Reserved

Availability Enforced

Availability Notified

LimitedLoan Amount LimitedLoan Periods

HOW?

WHY?

Building goal models:

HOW and WHY questions

Trang 33

Building goal models:

HOW and WHY questions

NoTrainCollision SafeTransportation

current S2B

HOW?

WHY?

WorstCaseStopping DistanceMaintained NoTrainsOn SameBlock HighFrequency

Trang 34

Identifying goals from WHY questions

about scenario episodes

Scheduler Initiator Participant

meetingRequest

OK-request

? constraints

! constraints OK-constr

schedule Setting notification notification

Trang 35

Heuristic rules for later discovery of goals (2)

– to get subgoals involving fewer agents

and move towards requirements and expectations

{Scheduler, Participant,

Communication

Infrastructure}

ConstraintsKnownFromRequest

Constraints

Scheduler Participant Communication Infrastructure

Trang 36

– pro => refinement link to missing parent soft goal ? refinement

– con => conflict link to missing parent soft goal ? conflict

ConstraintsKnownFromRequest

ConstraintsObtained FromE-agenda

Constraints

UpToDate

Communication Working

Constraints Transmitted

Minimum Interaction

Participants

PreInformed

Constraints Accuracy

MinimalRequirements OnParticipants

Trang 37

e.g MinimalRequirementsOnParticipants

Achieve [Target If Condition]: If

if if Condition then then sooner-or-later Target sooner-or-later

?   ?

Maintain [Target OnlyIf Condition]: OnlyIf

always always ( if Target if then Condition) then

e.g Achieve [ItemSent If Paid] If   Maintain [ItemSent OnlyIf

OnlyIf Paid]

Achieve [reverseThrustEnabled If PlaneOnGround] If  Maintain [reverseThrust OnlyIf PlaneOnGround] OnlyIf

Trang 38

Building goal models: delimiting their scope

until assignable to single agents as single

– requirement (software agent)

– expectation (environment agent)

 Abstract goals … Abstract until when ?

goals that cannot be satisfied solely by system agents

e.g EliminateGreenhouseEffect

is beyond capabilities of train system

Trang 39

Goal refinement … until when ?

Maintain [Safe

Speed/AccelCom'ed]

Maintain[WC-SafeDistanceBetwTrains]

Maintain [Safe TrainRespToComd]

Trang 40

Maintain[Safe

Speed/AccelCom'ed]

Maintain[Safe TrainRespToComd]

OnBoard TrainControl

Trang 41

Maintain[Safe

Speed/AccelCom'ed]

Mt[AccurateEstimate

OfSpeed/Position] NextTrainFromEstim] Mt[SafeComdTo

Trang 42

Maintain[Safe

Speed/AccelCom'ed]

Trang 43

Maintain[Safe

Speed/AccelCom'ed]

Achv[ComdMsg SentInTime] ComdMsg] Mt[Safe DeliveredInTime] Achv[SentMsg Implem] Mt[Msg

Trang 44

Maintain[Safe

Speed/AccelCom'ed]

Mt[AccurateEstimate

Speed/Accel Control

Tracking

System

Trang 45

Maintain[Safe

Speed/AccelCom'ed]

Mt[AccurateEstimate

Speed/Accel Control

Tracking

System

Communic Infrastruct

Trang 46

Maintain[Safe

Speed/AccelCom'ed]

Mt[AccurateEstimate

Speed/Accel Control

Tracking

System

Communic Infrastruct

Trang 47

 Do not confuse .

– goal .

– operation .

Goal  service from functional model (e.g use case)

– Services operationalize functional, leaf goals in refinement graph operationalize

• a goal is often operationalized through multiple operations

• an operation often operationalizes multiple goals

– Soft goals are often not operationalized in functional model but used

to select among alternatives

Building goal models: bad smells



Trang 48

 Semantic difference

– Behavioral goals constrain entire sequences of state transitions

– Operations constrain single state transitions

 Tip: Tip use past participle for goal name past participle

(state to be reached/maintained, quantity to be reduced/increased, )

use infinitive for operation name infinitive

(action to reach/maintain that state)

Behavioral goals vs operations

Trang 49

 Do not confuse

– OR -refinement .

– AND -refinement by case .

cf case analysis:

OR -refinement introduces alternative systems to reach parent goal alternative

AND -refinement by cases introduces complementary, conjoined

subgoals within same system same

Building goal models: bad smells (2)

Extensive Coverage

Trang 50

 Avoid ambiguities in goal specification & interpretation

– a precise & complete goal definition is essential definition

– grounded on shared system phenomena, and agreed upon

by all stakeholders

BookRequestSatisfied

Def A book without any copy available for loan shall have a copy available within 15 days for the

requesting borrower

WorstCaseStopping DistanceMaintained

Def A train shall never get

so close to a train in front

so that if the train stops suddenly (e.g., derailment) the next train would hit it

Building goal models: bad smells (3)



Định dạng
Số trang	60
Dung lượng	2,15 MB