• Use Case Modeling
• Software Requirements Engineering
• Software Processes
• Secure Requirements Engineering
• Empirical Experimentation and Evaluation
• Agile Methodologies
• Model Transformation
• Systematic Evaluation of The Cognitive Effectiveness of Visual Languages

.: I have funded projects and opportunities for research assistants:

Project 7: Modeling Security Aspects in UML Statecharts (#IN141010)

Model Driven Security has become an active area of research during the past decade. While many research works have contributed significantly to this objective by extending popular modeling notations to model security aspects, there is no modeling notation that allows its users the ability to model security aspects in systems or modules that have state dependent behavior. This proposed research will undertake a scientific approach to develop a new notational set that extends the UML (Unified Modeling Language) statecharts notation. An online industrial survey will be conducted to measure the perceptions of the new notation with respect to its semantic transparency as well as its coverage of modeling state based security aspects. The survey results will indicate if the new notation satisfies the expressiveness requirements of a state based security modeling language and was largely intuitive to use and understand provided very little training. A subject-based empirical evaluation using software engineering professionals will also be conducted to evaluate the cognitive effectiveness of the proposed notation.

Contact: Dr. Mohamed El-Attar

Project 8: Evaluating and Improving the Cognitive Effectiveness of Use Case Diagrams (#IN141011)

Use case modeling is a forefront technique to specify functional requirements for a system. Many research works related to use case modeling have been devoted to improving various aspects of use case modeling and its utilization in software development processes. One key aspect of use case models that has thus far been overlooked by the research community is the visual perception of use case diagrams by its readers. Any model is used to transfer a idea by a modeler to a model reader. Even if a use case diagram is constructed flawlessly, if it is misread or misinterpreted by its reader then the intrinsic purpose of modeling has failed. This proposed research will provide a two-fold contribution. Firstly, this research will present a scientific evaluation of the cognitive effectiveness of use case diagrams. The evaluation will be based on theory principles and empirical evidence mainly from the cognitive science field. Secondly, it will provide empirically validated improvements to the use case diagram notation that enhances its cognitive effectiveness. Empirical validation of the improvements will be drawn by conducting an industrial survey using business analyst professionals. Empirical validation will also be drawn by conducting an experiment using software engineering professionals as subjects.

Contact: Dr. Mohamed El-Attar

.: Completed projects:

Project 1: Migrating Functional Requirements to a More Formal Representation (#JF100008)

An essential quality aspect of Use Case (UC) models is their understandability and readability. Ambiguity and confusion caused by UC models may have severe consequences. These consequences occur since UC models affect every aspect of the development process. The fundamental purpose of UC models is to describe the interactions that a system has with its environment in order to allow its users to benefit from its services. The interactions are described in the UC descriptions. UC descriptions are most commonly presented in textual format. Interactions between the system and its actors (environment) form virtual workflows that are subsequently embedded within the UC descriptions. In order to improve the understandability and readability of UC models, it is important to clearly define the underlying workflows, removing any source of ambiguity and ensuring that all team members have a common and consistent understanding of these workflows. A technique named AGADUC have been previously proposed to represent these embedded workflows in the form of UML Activity Diagrams. The technique depends on a structure named SUCD. However, SUCD was proven to be too difficult to be used by its intended audience, the Business Analysts (BAs). In other related work, a simplified formal structure named SUCD have been previously proposed to ensure consistency in UC Diagrams. However, SSUCD lacks the required constructs and formality that will allow the embedded workflows to be extracted in the form of UML Activity Diagrams. In this research proposal, I plan to develop a semi-systematic to migrate functional requirements written in the SSUCD form to the SUCD form.

Security is a vital requirement for many software systems. Without ensuring security, many software systems are deemed useless.  In recent years, misuse case modeling has shown to be a promising technique for eliciting security threats and requirements. Misuse case models allow system designers to inject security considerations within their designs early in the development cycle. This is potentially a much more effective approach to ensuring security than patching an end system with security mechanisms after it was developed. The notation and syntactical rules of misuse case models are relatively simple. However, this is not the case as misuse case modeling practitioners are highly vulnerable to modeling pitfalls, mistakes and oversights, creating defective misuse case models that can have catastrophic effects later on in the development cycle. The aim of this research project is to develop approaches that will improve quality in misuse case models based on antipatterns and authoring structure.

Project 3: A Hybrid Computational Framework for Software Development Effort Estimation   (#FT111007)

During the different phases of software development project, project managers are faced with many prediction problems such as early estimation of software development effort. Many estimation techniques have been proposed in the research community in order to build accurate estimation models for software engineering related estimation problems. However, none of the existing models proved to be suitable under all circumstances. We need to build estimation models that are reliable and provide high accuracy. Ensembles of hybrid computational intelligence models are candidates for this goal, which take advantages of standalone models capabilities. In this research, we will survey existing computational intelligence models and identify the most commonly used models, build different ensemble models from existing computational intelligence techniques, search for different datasets for software development effort estimation problems, study their characteristics, and empirically evaluate and compare the proposed computational intelligence models with respect to their estimations accuracy, estimations time, over other individual models.

Project 4: Juxtaposing with Antipatterns to Improve the Quality of BPEL Processes (#IN121015)

The Service Oriented Architecture is constantly increasing in popularity. Web services offer their users an efficient means to solicit and research publicly available services. A user maybe interested in acquiring the best deal on a particular service or a product from a number of competitors that offer that service or product. For example, a customer interested in purchasing a particular book will be interested in obtaining the best price from a number of book vendors. Alternatively, users can be interested in the collaboration of a number of web services to attain a higher level goal. For example, a user can be interested in a set of web services provided by couriers that can interact with each other to provide tracking and history details of a current shipment. BPEL has become the standard high-level language to define web services in a SOA. BPEL processes can be created to specify the invocation order of web services to achieve the desired goal. Using BPEL, a great deal of interaction information between web services and the BPEL process user can be specified, commonly known as defining a business process. Every BPEL business process has a purpose to achieve; this purpose is usually to provide a service to the process’s user. It is not necessary that the user must be human; the user of a business process can be another system. In any case, it is the responsibility of an E-commerce analyst to define BPEL business processes that provide the services that are in demand. However, “BPEL workflows” developed are vulnerable to mistakes and poor modeling designs by inexperienced modelers. In this research work we propose to the utilization of the antipatterns concept to improve the quality of the “BPEL workflows”. The main objective of this research project is to identify antipatterns for BPEL processes to improve the quality of web services deployed using the Service Oriented Architecture in Saudi Arabia.

Project 5: Embracing Robustness Analysis and Diagrams to Improve Software Development  (#IN111028)

Robustness analysis is a technique that can be performed to help ensure the correctness, completeness and consistency of use case and domain models. Robustness analysis also helps bridge the gap between the analysis and design phases by providing a guided approach to identify a first-guess set of objects that will realize scenarios described in use cases. The purpose of this research work is to embrace robustness analysis to improve other software developmental activities. In particular, we propose to use robustness analysis for early validation of functional security requirements by developing a comprehensive set of security acceptance tests. We also propose using robustness analysis to specify glue-code during the integration phase of a component based software development.

Project 6: GlobReq: A Framework for Improving Requirements Engineering in Global Software Development Projects  (#IN111030)

In global software development (GSD) a company (client) contracts out all or part of its software development activities to another company (vendor), who provides services for remuneration. GSD has been growing steadily and an 18-fold increase in the outsourcing of IT-enabled business processes is projected . However significant failure rates have also been reported in GSD projects. Although a variety of software development tasks are outsourced previous work suggests that most of the factors contributing to the failure of projects are related to requirements . This is not surprising given that the requirements engineering (RE) process has a huge impact on the effectiveness of all software development processes.

This project brings together the research team’s previous work on GSD and RE to develop a framework for the requirements engineering process of GSD projects (GlobReq). We will collect detailed empirical data from GSD organisations to construct and validate the GlobReq framework. Managers of GSD projects will be able to use GlobReq to plan a RE process suitable for a specific GSD project. Our framework could have a significantly positive impact on the high number of failures currently reported for GSD projects, the root cause of which is often related to requirements problems . As GSD is set to further increase the design and development of a GlobReq framework for GSD projects is indeed timely.

The work proposed will bring together and advance the work that has been undertaken on frameworks and models for RE. Our contribution to improving RE in GSD will provide other researchers with a firm basis on which to develop different requirements processes that are based on an understanding of how and where they fit into the GSD activities. New requirements processes could then be developed targeting GSD projects.