Using a model transformation language to produce target models from source models in an aspect-oriented approach [more] |
bachelor/diploma/master |
azadeh.alebrahim@uni-due.de |
Desription:
Prerequisites: modeling, (programming)
Goals & Procedure:
In the field of Model-Driven Engineering (MDE)
model transformation languages are used to produce
target models from source models. Examples for such
EMF-based Model2Model (M2M) transformations are
QVT, ATL, etc. The languages should be
investigated. Advantages and drawbacks of each
language should be highlighted and compared with
other languages. As result one suitable language
for the existing aspect-oriented approach should
be selected and applied as follows:
- Defining source and target models
- Defining transformation rules
- (Implementing the transformation rules) |
Investigating architecture recovery approaches, selecting one and applying it on a case study. [more] |
bachelor/diploma/master |
azadeh.alebrahim@uni-due.de |
Desription:
Prerequisites: programming, successful participation in the course Softwaretechnik
Problem: ...
Goals & Procedure:
Software architecture recovery provides methods
to extract the software architecture from its
source code. The task is
- Selecting one proper approach among the existing approaches in this field.
- Applying the selected approach on a case study to extract its architecture. |
A case study for using security requirements engineering methods and security patterns to support the development of document of an ISO 27001 compliant Information Security Management [more] |
master |
kristian.beckers@uni-due.de |
Desription:
Prerequisites: ESS lecture
Problem: Using security requirements engineering methods and security patterns and check to what extend the generated documents fulfill the documentation requirements of the ISO 27001
Goals & Procedure:
- Describe the documentation requirements of the ISO 27001 standard
- Use existing security requirements engineering methods e.g. KAOS or SEPP or security patterns for a small software system, e.g., a secure file storage
- Describe how the results fulfill the documentation requirements of the ISO 27001 standard. |
Development of Toolsupport for patterns that support the implementation of the ISO 27005 standard [more] |
master |
kristian.beckers@uni-due.de |
Desription:
Prerequisites: SWT lecture
Problem: Creating pattern to support the implementation of the ISO 27005 and create an eclipse EMF and GMF based tool to support instantiation of these patterns
Goals & Procedure:
- Learn about existing patterns for the ISO 27005 context establishment and create pattern for further sections of the ISO 27005 standard
- Learn how to create a model and a graphical editor with the eclipse EMF and GMF technologies
- Create a graphical editor for the ISO 27005 patterns that allows consultants to instantiate these patterns for a given software system. |
Systematic development of a plugin to support Sequence Diagram generation (as part of UML4PF) [more] |
bachelor |
denis.hatebur@uni-due.de |
Desription:
Prerequisites: SWT lecture
Problem: Creating Sequence diagrams fitting to a sub problem is a routine but error-prone task
Goals & Procedure:
- Extend the existing UML4PF plugin
- Add a button that creates the missing sequence diagram text for all sub problems
(ordering of messages and inserting co-regions should be task of the user)
- Use ADIT for this development |
Development of an approach for checking consistancy between sequence diagrams and state machines [more] |
master |
denis.hatebur@uni-due.de |
Desription:
Prerequisites: SWT lecture, OCL
Problem: UML4PF has not automatic checks for state machines
Goals & Procedure:
- Extend the existing UML4PF plugin
- Describe the procedures for creating sequence diagrams and state machines
- Create OCL expressions
- Validate on case studies |
Development of an approach for checking consistancy between sequence diagrams and architectures [more] |
master |
denis.hatebur@uni-due.de |
Desription:
Prerequisites: SWT lecture, OCL
Problem: UML4PF has not automatic checks for sequence diagrams vs. architectures
Goals & Procedure:
- Extend the existing UML4PF plugin
- Describe the procedures for creating sequence diagrams and architectures
- Create OCL expressions
- Validate on case studies |
Alternatives for expressing life cycles in ADIT [more] |
master |
denis.hatebur@uni-due.de |
Desription:
Prerequisites: SWT lecture, OCL
Problem: life cycles in ADIT are currently not tool-supported
Goals & Procedure:
- Evaluate different notations
- Create OCL expressions for possible checks |
Analysis and Documentation of Business Processes for Information Security Management Systems [more] |
bachelor/diploma/master |
h.schmidt@itesys.de |
Desription:
Prerequisites: IT security, modelling
Problem: ...
Goals & Procedure:
- ITESYS business processes as examples (ISO 9000 compatible documentation is available)
- application and adaption of idea contained in ARES paper, i.e., context analysis pattern,
stakeholder templates, etc.
- documentation using a given tool which has to be selected beforehand
- re-use of existing methods such as turtle approach etc. |
Evaluation of Methods and Tools for Information Security Management Systems [more] |
bachelor/diploma/master |
h.schmidt@itesys.de |
Desription:
Prerequisites: IT security, modelling
Problem: ...
Goals & Procedure:
- span method and tool landscape for ISMS, e.g., Verinice (http://www.verinice.org/)
- development of criteria for comparison
- processing of knowledge about methods and tools to enable comparison
- evaluation |
Generating Patterns for Common Criteria Developer Documentation [more] |
diploma/master |
h.schmidt@itesys.de |
Desription:
Prerequisites: IT security (ESS lecture recommended), modelling
Problem: ...
Goals & Procedure:
- based on protection profile, e.g., HASK
- development of patterns for FSP and/or TDS
- approach: based on fixed SFRs, span design space (which will be relatively narrow)
additionally, variable SFRs can become fixed ones (=> influence on design space)
- methodological support, patterns or templates, systematic decision procedures, design-driven-by-standard, etc. |