Including business strategy in model-driven methods: an experiment
Software-centric organisations design a loosely coupled organisation structure around strategic objectives, replicating this design to their business processes and information systems. Nowadays, dealing with business strategy in a model-driven development context is a challenge since key concepts such as the organisation's structure and strategic ends and means have been mostly addressed at the enterprise architecture level for the strategic alignment of the whole organisation, and have not been included into MDD methods as a requirements source. To overcome this issue, researchers have designed the LiteStrat, a business strategy modelling method compliant with MDD for developing information systems. This article presents an empirical comparison of LiteStrat and with i*, one of the most used models for strategic alignment in an MDD context. The article contributes with a literature review on the experimental comparison of modelling languages, the design of a study for measuring and comparing the semantic quality of modelling languages, and empirical evidence of the LiteStrat and i* differences. The evaluation consists of a 2 × 2 factorial experiment recruiting 28 undergraduate subjects. Significant differences favouring LiteStrat were found for models' accuracy and completeness, while no differences in modeller's efficiency and satisfaction were detected. These results yield evidence of the suitability of LiteStrat for business strategy modelling in a model-driven context.
Value-based requirements engineering: method and experience
'Socio-political' issues, such as emotions, values and people's feelings, are often cited as problems in the RE process. A method is described for analysing such issues. The method consists of a taxonomy of stakeholders' values, motivations and emotions (VME), with process guidance for eliciting and analysing these issues for the RE process and design implications. Values are personal attitudes or long-term beliefs which may influence stakeholder functional and non-functional requirements. Motivations are psychological constructs related to personality traits which may be viewed as stakeholders' long-term goals in RE. Emotions are cues to stakeholders' reactions arising from value/motivation conflicts. The method is supported by a website which illustrates the taxonomy with explanations and scenarios describing problems arising from value conflicts, and from poor understanding of stakeholder values. Two method validation studies were undertaken: first, an evaluation of the website and method by novices and RE experts; and second, case study applications of RE value analysis in real-world industrial practice. The method was used by all practitioners, although in different ways, some used it to create an agenda of issues for analysis while others employed the VMEs to interpret stakeholders' views and manage stakeholder negotiations. The validation studies provide evidence for the acceptability of the method for industrial practitioners, illustrating how value-related problems are identified and analysed effectively by the method. The utility of analysing VMEs is compared to other 'socio-political issues'-oriented methods in RE and methods which focus on monetized values in product requirements.
Goal-oriented requirements engineering: an extended systematic mapping study
Over the last two decades, much attention has been paid to the area of goal-oriented requirements engineering (GORE), where goals are used as a useful conceptualization to elicit, model, and analyze requirements, capturing alternatives and conflicts. Goal modeling has been adapted and applied to many sub-topics within requirements engineering (RE) and beyond, such as agent orientation, aspect orientation, business intelligence, model-driven development, and security. Despite extensive efforts in this field, the RE community lacks a recent, general systematic literature review of the area. In this work, we present a systematic mapping study, covering the 246 top-cited GORE-related conference and journal papers, according to Scopus. Our literature map addresses several research questions: we classify the types of papers (e.g., proposals, formalizations, meta-studies), look at the presence of evaluation, the topics covered (e.g., security, agents, scenarios), frameworks used, venues, citations, author networks, and overall publication numbers. For most questions, we evaluate trends over time. Our findings show a proliferation of papers with new ideas and few citations, with a small number of authors and papers dominating citations; however, there is a slight rise in papers which build upon past work (implementations, integrations, and extensions). We see a rise in papers concerning adaptation/variability/evolution and a slight rise in case studies. Overall, interest in GORE has increased. We use our analysis results to make recommendations concerning future GORE research and make our data publicly available.
Empirical research on requirements quality: a systematic mapping study
Research has repeatedly shown that high-quality requirements are essential for the success of development projects. While the term "quality" is pervasive in the field of requirements engineering and while the body of research on requirements quality is large, there is no meta-study of the field that overviews and compares the concrete quality attributes addressed by the community. To fill this knowledge gap, we conducted a systematic mapping study of the scientific literature. We retrieved 6905 articles from six academic databases, which we filtered down to 105 relevant primary studies. The primary studies use empirical research to explicitly define, improve, or evaluate requirements quality. We found that empirical research on requirements quality focuses on improvement techniques, with very few primary studies addressing evidence-based definitions and evaluations of quality attributes. Among the 12 quality attributes identified, the most prominent in the field are ambiguity, completeness, consistency, and correctness. We identified 111 sub-types of quality attributes such as "template conformance" for consistency or "passive voice" for ambiguity. Ambiguity has the largest share of these sub-types. The artefacts being studied are mostly referred to in the broadest sense as "requirements", while little research targets quality attributes in specific types of requirements such as use cases or user stories. Our findings highlight the need to conduct more empirically grounded research defining requirements quality, using more varied research methods, and addressing a more diverse set of requirements types.
A systematic literature review of requirements engineering education
Requirements engineering (RE) has established itself as a core software engineering discipline. It is well acknowledged that good RE leads to higher quality software and considerably reduces the risk of failure or budget-overspending of software development projects. It is of vital importance to train future software engineers in RE and educate future requirements engineers to adequately manage requirements in various projects. To this date, there exists no central concept of what RE education shall comprise. To lay a foundation, we report on a systematic literature review of the field and provide a systematic map describing the current state of RE education. Doing so allows us to describe how the educational landscape has changed over the last decade. Results show that only a few established author collaborations exist and that RE education research is predominantly published in venues other than the top RE research venues (i.e., in venues other than the RE conference and journal). Key trends in RE instruction of the past decade include involvement of real or realistic stakeholders, teaching predominantly elicitation as an RE activity, and increasing student factors such as motivation or communication skills. Finally, we discuss open opportunities in RE education, such as training for security requirements and supply chain risk management, as well as developing a pedagogical foundation grounded in evidence of effective instructional approaches.
Aligning requirements and testing through metamodeling and patterns: design and evaluation
Poorly executed requirements engineering activities profoundly affect the deliverables' quality and project's budget and schedule. High-quality requirements reuse through requirement patterns has been widely discussed to mitigate these adverse outcomes. Requirement patterns aggregate similar applications' behaviors and services into well-defined templates that can be reused in later specifications. The abstraction capabilities of metamodeling have shown promising results concerning the improvement of the requirement specifications' quality and professionals' productivity. However, there is a lack of research on requirement patterns beyond requirements engineering, even using metamodels as the underlying structure. Besides, most companies often struggle with the cost, rework, and delay effects resulting from a weak alignment between requirements and testing. In this paper, we present a novel metamodeling approach, called Software Pattern MetaModel (SoPaMM), which aligns requirements and testing through requirement patterns and test patterns. Influenced by well-established agile practices, SoPaMM describes functional requirement patterns and acceptance test patterns as user stories integrated with executable behaviors. Another novelty is the evaluation of SoPaMM's quality properties against a metamodel quality evaluation framework. We detail the evaluation planning, discuss evaluation results, and present our study's threats to validity. Our experience with the design and evaluation of SoPaMM is summarized as lessons learned.
Crowd-based requirements elicitation via pull feedback: method and case studies
Crowd-based Requirements Engineering (CrowdRE) promotes the active involvement of a large number of stakeholders in RE activities. A prominent strand of CrowdRE research concerns the creation and use of online platforms for a crowd of stakeholders to formulate ideas, which serve as an additional input for requirements elicitation. Most of the reported case studies are of small size, and they analyze the size of the crowd, rather than the quality of the collected ideas. By means of an iterative design that includes three case studies conducted at two organizations, we present the CREUS method for crowd-based elicitation via user stories. Besides reporting the details of these case studies and quantitative results on the number of participants, ideas, votes, etc., a key contribution of this paper is a qualitative analysis of the elicited ideas. To analyze the quality of the user stories, we apply criteria from the Quality User Story framework, we calculate automated text readability metrics, and we check for the presence of vague words. We also study whether the user stories can be linked to software qualities, and the specificity of the ideas. Based on the results, we distill six key findings regarding CREUS and, more generally, for CrowdRE via pull feedback.
Philanthropic conference-based requirements engineering in time of pandemic and beyond
As software engineering (SE) practitioners, we can help society by using our communities of experts to address a software need of a socially conscious organization. Doing so can benefit society in the locale of a SE conference and provide access to international experts for local organizations. Furthermore, established SE researchers as well as practitioners and students have the opportunity for a unique learning experience. While the SE community has already realized the importance of addressing human values and promoting social good objectives in software development, we are unaware of previous attempts to leverage SE conferences for this activity. Conferences present an opportunity to enjoy the assembly of SE practitioners, researchers, and students for the purpose of a philanthropic endeavor. Over the past four years of running a "Requirements Engineering for Social Good" event called RE Cares, co-located with the International Conference on Requirements Engineering, we worked with the stakeholders local to the conference venue. We selected stakeholders who would not necessarily have ready access to requirements engineering, software design, and development expertise otherwise, to build software targeting "good causes." In the last two years, this event was altered to adapt to the constraints induced by COVID-19, moving to a hybrid mode and changing many of its practices accordingly. This paper summarizes and generalizes our experiences, discussing our lessons learned in the context of the pandemic and beyond and providing a framework for conducting similar social contribution in any SE conferences in general.
Specifying requirements for collection and analysis of online user feedback
According to data-driven Requirements Engineering (RE), explicit and implicit user feedback can be considered a relevant source of requirements, thus supporting requirements elicitation. However, limited attention has been paid so far to the role of online feedback in RE tasks, such as requirements validation, and on how to specify what online feedback to collect and analyse. We performed an action research study, together with a company that developed a platform for online training. This paper presents the design and execution of the study, and a discussion of its results. This study provides evidence about the need of practitioners to follow a simple but systematic approach for specifying requirements for data collection and analysis, at design time. Another outcome of this study is a method to tackle this task that leverages goal-oriented requirements modelling combined with Goal-Question-Metric. The applicability of the method has been explored on two industrial evaluations, while the perceived effectiveness, efficiency and acceptance have been assessed with practitioners through a dedicated survey.
Testing software's changing features with environment-driven abstraction identification
ions are significant domain terms that have assisted in requirements elicitation and modeling. To extend the assistance toward requirements validation, we present in this paper an automated approach to identifying the abstractions for supporting requirements-based testing. We select relevant Wikipedia pages to serve as a domain corpus that is independent from any specific software system. We further define five novel patterns based on part-of-speech tagging and dependency parsing, and frame our candidate abstractions in the form of pairs for better testability, where the "key" helps locate "what to test", and the "value" helps guide "how to test it" by feeding in concrete data. We evaluate our approach with six software systems in two application domains: Electronic health records and Web conferencing. The results show that our abstractions are more accurate than those generated by a state-of-the-art technique. While the initial findings indicate our abstractions' capabilities of revealing bugs and matching the environmental assumptions created manually, we articulate a new way to perform requirements-based testing by focusing on a software system's changing features. Specifically, we hypothesize that the same feature would behave differently under a pair of opposing environmental conditions and assess our abstractions' applicability to this new form of feature testing.
Guidelines adopted by agile teams in privacy requirements elicitation after the Brazilian general data protection law (LGPD) implementation
The Brazilian General Data Protection Law (LGPD) implementation has impacted activities carried out by the software development teams. Due to it, developers had to become aware of the existing techniques and tools to carry out privacy requirements elicitation. Extending our previous work, we have investigated the actions taken by organizations regarding the LGPD, specifically in software development, considering the perception of agile development teams after two years of the LGPD implementation. In addition, we also investigated the perception of an agile team regarding the practices, techniques, and tools previously cited by practitioners as potential solutions for use in this context, along with techniques already in use in the current context. We have conducted a systematic literature review (SLR) and selected 36 primary studies. Furthermore, we have conducted a survey with 53 IT practitioners and semi-structured interviews with ten practitioners. The LGPD principles are known by most agile teams and are being implemented by the organizations, although the existing tools to support privacy requirements elicitation are still underused by agile teams. Moreover, agile teams consider that software requirements and software construction are the most impacted areas of knowledge by the LGPD, and most of them use user stories in privacy requirements elicitation. Our findings reveal that agile teams and Brazilian organizations are more concerned with user data privacy issues after the LGPD became effective. However, agile teams still face challenges in privacy requirements elicitation.