Maritta Heisel

Prof. Dr. Maritta Heisel
Raum BB 919
Tel. : +49 203 379 3465
Fax : +49 379 4490
E-Mail : maritta.heisel[at]uni-duisburg-essen.de

Research
  • Compliance [Veröffentlichungen]
  • Formal Methods [Veröffentlichungen]
  • Methodology
    Veröffentlichungen:

    QuickSearch:   Number of matching entries: 0.

    YearTitleAuthorJournal/ProceedingsPublisher
    2017 A structured and systematic model-based development method for automotive systems, considering the OEM/supplier interface Beckers, K., Côté, I., Frese, T., Hatebur, D. & Heisel, M. Reliability Engineering & System Safety    
    Abstract: Abstract The released ISO 26262 standard for automotive systems requires to create a hazard analysis and risk assessment and to create safety goals, to break down these safety goals into functional safety requirements in the functional safety concept, to specify technical safety requirements in the safety requirements specification, and to perform several validation and verification activities. Experience shows that the definition of technical safety requirements and the planning and execution of validation and verification activities has to be done jointly by OEMs and suppliers. In this paper, we present a structured and model-based safety development approach for automotive systems. The different steps are based on Jackson's requirement engineering. The elements are represented by UML notation extended with stereotypes. The UML model enables a rigorous validation of several constraints. We make use of the results of previously published work to be able to focus on the OEM/supplier interface. We illustrate our method using a three-wheeled-tilting control system (3WTC) as running example and case study.
    BibTeX:
    @article{Beckers2016-4,
      year = {2017},
      title = {A structured and systematic model-based development method for automotive systems, considering the OEM/supplier interface},
      author = {Beckers, Kristian and C{\^{o}}t{\'{e}}, Isabelle and Frese, Thomas and Hatebur, Denis and Heisel, Maritta},
      journal = {Reliability Engineering \& System Safety},
      volume = {158},
      pages = {172 - 184},
      note = {Special Sections : Reliability and Safety Certification of Software-Intensive Systems},
      url = {http://www.sciencedirect.com/science/article/pii/S0951832016304057},
      doi = {10.1016/j.ress.2016.08.018}
    }
    
    2017 Facilitating Reuse of Control Software through Context Modelling based on the Six-Variable Model Ulfat-Bunyadi, N., Meis, R. & Heisel, M. Software Technologies   Springer  
    BibTeX:
    @incollection{CCIS17,
      year = {2017},
      title = {Facilitating Reuse of Control Software through Context Modelling based on the Six-Variable Model},
      booktitle = {Software Technologies},
      author = {Ulfat-Bunyadi, Nelufar and Meis, Rene and Heisel, Maritta},
      publisher = {Springer},
      volume = {743},
      series = {Communications in Computer and Information Science},
      pages = {332-358},
      url = {http://www.springer.com}
    }
    
    2017 Computer-Aided Identification and Validation of Intervenability Requirements Meis, R. & Heisel, M. Information    
    Abstract: Privacy as a software quality is becoming more important these days and should not be underestimated during the development of software that processes personal data. The privacy goal of intervenability, in contrast to unlinkability (including anonymity and pseudonymity), has so far received little attention in research. Intervenability aims for the empowerment of end-users by keeping their personal data and how it is processed by the software system under their control. Several surveys have pointed out that the lack of intervenability options is a central privacy concern of end-users. In this paper, we systematically assess the privacy goal of intervenability and set up a software requirements taxonomy that relates the identi?ed intervenability requirements with a taxonomy of transparency requirements. Furthermore, we provide a tool-supported method to identify intervenability requirements from the functional requirements of a software system. This tool-supported method provides the means to elicit and validate intervenability requirements in a computer-aided way. Our combined taxonomy of intervenability and transparency requirements gives a detailed view on the privacy goal of intervenability and its relation to transparency. We validated the completeness of our taxonomy by comparing it to the relevant literature that we derived based on a systematic literature review. The proposed method for the identi?cation of intervenability requirements shall support requirements engineers to elicit and document intervenability requirements in compliance with the EU General Data Protection Regulation.
    BibTeX:
    @article{Information2017,
      year = {2017},
      title = {Computer-Aided Identification and Validation of Intervenability Requirements},
      author = {Meis, Rene and Heisel, Maritta},
      journal = {Information},
      volume = {8},
      number = {30},
      url = {http://www.mdpi.com/2078-2489/8/1/30},
      doi = {10.3390/info8010030}
    }
    
    2017 Towards Systematic Privacy and Operability (PRIOP) Studies Meis, R. & Heisel, M. ICT Systems Security and Privacy Protection   Springer  
    Abstract: The assessment of privacy properties of software systems gains more and more importance nowadays. This is, on the one hand because of increasing privacy concerns of end-users due to numerous reported privacy breaches, and on the other hand due to stricter data protection regulations, e.g., the EU General Data Protection Regulation that prescribes an assessment of the privacy implications that a project possibly has. The lack of systematic methods to assist a comprehensive and detailed privacy analysis makes it hard for analysts to address the end-users’ and legal requirements. In this paper, we adopt the principles of the hazard and operability (HAZOP) studies, which have successfully been used for safety analyses, to privacy to provide a systematic method to identify the relevant privacy threats for a software to be developed. We propose a method called privacy and operability (PRIOP) studies that allows to systematically analyze the potential privacy issues that a software to be developed might raise, based on the software’s functionality at the requirements level.
    BibTeX:
    @inproceedings{SEC17,
      year = {2017},
      title = {Towards Systematic Privacy and Operability ({PRIOP}) Studies},
      booktitle = {ICT Systems Security and Privacy Protection},
      author = {Meis, Rene and Heisel, Maritta},
      publisher = {Springer},
      volume = {502},
      series = {IFIP AICT},
      pages = {427--441},
      url = {http://dx.doi.org/10.1007/978-3-319-58469-0_29},
      doi = {10.1007/978-3-319-58469-0_29}
    }
    
    2016 Variability for Qualities in Software Architecture Alebrahim, A., Faßbender, S., Filipczyk, M., Goedicke, M., Heisel, M. & Zdun, U. SIGSOFT Softw. Eng. Notes   ACM  
    BibTeX:
    @article{Alebrahim:2016:VQS:2853073.2853095,
      year = {2016},
      title = {Variability for Qualities in Software Architecture},
      author = {Alebrahim, Azadeh and Fa{\ss}bender, Stephan and Filipczyk, Martin and Goedicke, Michael and Heisel, Maritta and Zdun, U.},
      journal = {SIGSOFT Softw. Eng. Notes},
      publisher = {ACM},
      volume = {41},
      number = {1},
      pages = {32--35},
      url = {https://dl.acm.org/citation.cfm?doid=2853073.2853095},
      doi = {10.1145/2853073.2853095}
    }
    
    2016 Supporting Privacy Impact Assessments using Problem-based Privacy Analysis Meis, R. & Heisel, M. Software Technologies - 10th International Joint Conference, ICSOFT 2015, Revised Selected Papers   Springer  
    Abstract: Privacy-aware software development is gaining more and more importance for nearly all information systems that are developed nowadays. As a tool to force organizations and companies to consider privacy properly during the planning and the execution of their projects, some governments advise to perform privacy impact assessments (PIAs). During a PIA, a report has to be created that summarizes the consequence on privacy the project may have and how the organization or company addresses these consequences. As basis for a PIA, it has to be documented which personal data is collected, processed, stored, and shared with others in the context of the project. Obtaining this information is a difficult task that is not yet well supported by existing methods. In this paper, we present a method based on the problem-based privacy analysis (ProPAn) that helps to elicit the needed information for a PIA systematically from a given set of functional requirements. Our tool-supported method shall reduce the effort that has to be spent to elicit the information needed to conduct a PIA in a way that the information is as complete and consistent as possible.
    BibTeX:
    @inproceedings{CCIS16,
      year = {2016},
      title = {Supporting Privacy Impact Assessments using Problem-based Privacy Analysis},
      booktitle = {Software Technologies - 10th International Joint Conference, {ICSOFT} 2015, Revised Selected Papers},
      author = {Meis, Rene and Heisel, Maritta},
      publisher = {Springer},
      volume = {586},
      series = {Communications in Computer and Information Science},
      pages = {79--98},
      url = {http://dx.doi.org/10.1007/978-3-319-30142-6_5},
      doi = {10.1007/978-3-319-30142-6_5}
    }
    
    2016 Computer-Aided Identification and Validation of Privacy Requirements Meis, R. & Heisel, M. Information   MDPI  
    Abstract: Privacy is a software quality that is closely related to security. The main difference is that security properties aim at the protection of assets that are crucial for the considered system, and privacy aims at the protection of personal data that are processed by the system. The identification of privacy protection needs in complex systems is a hard and error prone task. Stakeholders whose personal data are processed might be overlooked, or the sensitivity and the need of protection of the personal data might be underestimated. The later personal data and the needs to protect them are identified during the development process, the more expensive it is to fix these issues, because the needed changes of the system-to-be often affect many functionalities. In this paper, we present a systematic method to identify the privacy needs of a software system based on a set of functional requirements by extending the problem-based privacy analysis (ProPAn) method. Our method is tool-supported and automated where possible to reduce the effort that has to be spent for the privacy analysis, which is especially important when considering complex systems. The contribution of this paper is a semi-automatic method to identify the relevant privacy requirements for a software-to-be based on its functional requirements. The considered privacy requirements address all dimensions of privacy that are relevant for software development. As our method is solely based on the functional requirements of the system to be, we enable users of our method to identify the privacy protection needs that have to be addressed by the software-to-be at an early stage of the development. As initial evaluation of our method, we show its applicability on a small electronic health system scenario.
    BibTeX:
    @article{Information16,
      year = {2016},
      title = {Computer-Aided Identification and Validation of Privacy Requirements},
      author = {Meis, Rene and Heisel, Maritta},
      journal = {Information},
      publisher = {MDPI},
      volume = {7},
      number = {28},
      url = {http://www.mdpi.com/2078-2489/7/2/28},
      doi = {10.3390/info7020028}
    }
    
    2015 A Problem-, Quality-, and Aspect-Oriented Requirements Engineering Method Faßbender, S., Heisel, M. & Meis, R. Software Technologies - 9th International Joint Conference, ICSOFT 2014, Vienna, Austria, August 29-31, 2014, Revised Selected Papers   Springer  
    Abstract: Requirements engineers not only have to cope with the requirements
    of various stakeholders for complex software systems, they also have
    to consider several software qualities (e.g., performance,
    maintainability, security, and privacy) that the system-to-be shall
    address. In such a situation, it is challenging for requirements engineers to
    develop a complete and coherent set of requirements for the
    system-to-be.
    Separation of concerns has shown to be one option to handle the
    complexity of systems. The problem frames approach address this
    principle by decomposing the problem of building the
    system-to-be into simpler subproblems. Aspect-orientation aims at
    separating cross-cutting functionalities into separate
    functionalities, called aspects.
    We propose a method called AORE4PF, which shows that
    aspect-orientation can be integrated into the problem frames
    approach to increase the separation of concerns and to benefit from
    several methods that exist on problem frames to develop a complete
    and coherent set of requirements. We validated our method with a
    small experiment in the field of crisis management.
    BibTeX:
    @inproceedings{CCIS15a,
      year = {2015},
      title = {A Problem-, Quality-, and Aspect-Oriented Requirements Engineering Method},
      booktitle = {Software Technologies - 9th International Joint Conference, {ICSOFT} 2014, Vienna, Austria, August 29-31, 2014, Revised Selected Papers},
      author = {Fa{\ss}bender, Stephan and Heisel, Maritta and Meis, Rene},
      publisher = {Springer},
      volume = {555},
      series = {Communications in Computer and Information Science},
      pages = {291--310},
      url = {http://dx.doi.org/10.1007/978-3-319-25579-8_17},
      doi = {10.1007/978-3-319-25579-8_17}
    }
    
    2015 Challenges in Rendering and Maintaining Trustworthiness for Long-Living Software Systems Alebrahim, A., Mohammadi, N. G. & Heisel, M. Proceedings of the 2nd Collaborative Workshop on Evolution and Maintenance of Long-Living Software Systems (EMLS), GI Software Engineering Tagung SE   CEUR-WS.org  
    Abstract: Trustworthiness plays a key role in acceptance and adoption of software
    by the end-users. When maintaining long-living software systems,
    trustworthiness has to be addressed since trust of the end-user is volatile
    and can change over time. In this paper, we discuss the challenges regarding
    trustworthiness of long-living software systems. Trustworthiness
    should be considered in the whole life-cycle of a long-living system,
    i.e., in all development phases aiming at building trustworthiness into
    the core of the system at design-time and later maintaining it during
    run-time. But, our focus in this paper is on challenges in requirements
    engineering and also planning for the run-time activities, e.g., what are
    the needed monitor interfaces, what are the planned actions and how
    are the execution interfaces for performing those actions.
    BibTeX:
    @inproceedings{EMLS2015,
      year = {2015},
      title = {Challenges in Rendering and Maintaining Trustworthiness for Long-Living Software Systems},
      booktitle = {Proceedings of the 2nd Collaborative Workshop on Evolution and Maintenance of Long-Living Software Systems (EMLS), GI Software Engineering Tagung SE},
      author = {Alebrahim, Azadeh and Mohammadi, Nazila Gol and Heisel, Maritta},
      publisher = {CEUR-WS.org},
      volume = {1337},
      series = {{CEUR} Workshop Proceedings},
      pages = {103--105},
      url = {http://ceur-ws.org/Vol-1337/paper14.pdf}
    }
    
    2015 A Structured Validation and Verification Method for Automotive Systems considering the OEM/Supplier Interface Beckers, K., Côté, I., Frese, T., Hatebur, D. & Heisel, M. Proceedings of the International Conference on Computer Safety, Reliability and Security (SAFECOMP)   Springer  
    Abstract: The released ISO 26262 standard for automotive systems requires several validation and verification activities. These validation and verification activities have to be planned and performed jointly by the OEMs and the suppliers. In this paper, we present a systematic, structured and model-based method to plan the required validation and verification activities and collect the results. Planning and the documentation of performed activities are represented by a UML notation extended with stereotypes. The UML model supports the creation of the artifacts required by ISO 26262, enables document generation and a rigorous check of several constraints expressed in OCL. We illustrate our method using the example of an electronic steering column lock system.
    BibTeX:
    @inproceedings{fs2015,
      year = {2015},
      title = {A Structured Validation and Verification Method for Automotive Systems considering the OEM/Supplier Interface},
      booktitle = {Proceedings of the International Conference on Computer Safety, Reliability and Security (SAFECOMP)},
      author = {Beckers, Kristian and C{\^{o}}t{\'{e}}, Isabelle and Frese, Thomas and Hatebur, Denis and Heisel, Maritta},
      publisher = {Springer},
      volume = {9337},
      pages = {90 - 107},
      url = {www.springer.com}
    }
    
    2015 Systematic Identification of Information Flows from Requirements to support Privacy Impact Assessments Meis, R. & Heisel, M. ICSOFT-PT 2015 - Proc. of the 10th Int. Conf. on Software Paradigm Trends   SciTePress  
    Abstract: Several countries prescribe or advise government departments and
    organizations to perform a privacy impact assessment (PIA) if these
    prepare new projects or change existing ones that involve personal
    information. A PIA shall summarize what personal information is
    collected, processed, stored, and distributed in the context of the
    project. But there is only little support for undertaking a PIA and
    to create a PIA report, most countries only provide vague guidelines
    and simple templates. We present in this paper an extension of the
    problem-based privacy analysis (ProPAn) method that derives
    information needed to conduct a PIA from a requirements model in
    problem frame notation. We provide a formally specified method with
    well-defined steps and tool support to reduce the effort to be spent
    for eliciting the needed information and to ensure that the needed
    information is as complete and coherent as possible to form an
    adequate basis for the creation of a PIA report.
    BibTeX:
    @inproceedings{ICSOFT15,
      year = {2015},
      title = {Systematic Identification of Information Flows from Requirements to support Privacy Impact Assessments},
      booktitle = {{ICSOFT-PT} 2015 - Proc. of the 10th Int. Conf. on Software Paradigm Trends},
      author = {Meis, Rene and Heisel, Maritta},
      publisher = {SciTePress},
      pages = {43-52},
      url = {http://dx.doi.org/10.5220/0005518500430052},
      doi = {10.5220/0005518500430052}
    }
    
    2015 Towards a Reliable Mapping between Performance and Security Tactics, and Architectural Patterns Alebrahim, A., Faßbender, S., Filipczyk, M., Goedicke, M. & Heisel, M. Proceedings of the 20th European Conference on Pattern Languages of Programs (EuroPLoP)   ACM  
    BibTeX:
    @inproceedings{,
      year = {2015},
      title = {Towards a Reliable Mapping between Performance and Security Tactics, and Architectural Patterns},
      booktitle = {Proceedings of the 20th European Conference on Pattern Languages of Programs (EuroPLoP)},
      author = {Alebrahim, Azadeh and Fa{\ss}bender, Stephan and Filipczyk, Martin and Goedicke, Michael and Heisel, Maritta},
      publisher = {ACM},
      url = {https://dl.acm.org/citation.cfm?id=2855361}
    }
    
    2014 Towards Developing Secure Software using Problem-oriented Security Patterns Alebrahim, A. & Heisel, M. Proceedings of the 6th International Cross-Domain Conference on Availability, Reliability, and Security in Information Systems and HCI (CD-ARES)   Springer  
    Abstract: Security as one essential quality requirement has to be addressed during
    the software development process. Quality requirements such as security
    drive the architecture of a software, while design decisions such as security patterns
    on the architecture level in turn might constrain the achievement of quality
    requirements significantly. Thus, to obtain sound architectures and correct requirements,
    knowledge which is gained in the solution space, for example from
    security patterns, should be reflected in the requirements engineering. In this paper,
    we propose an iterative method that takes into account the concurrent development
    of requirements and architecture descriptions systematically. It reuses
    security patterns for refining and restructuring the requirement models by applying
    problem-oriented security patterns. Problem-oriented security patterns adapt
    existing security patterns in a way that they can be used in the problem-oriented
    requirements engineering. The proposed method bridges the gap between security
    problems and security architectural solutions.
    BibTeX:
    @inproceedings{Alebrahim-cdares2014,
      year = {2014},
      title = {Towards Developing Secure Software using Problem-oriented Security Patterns},
      booktitle = {Proceedings of the 6th International Cross-Domain Conference on Availability, Reliability, and Security in Information Systems and HCI (CD-ARES)},
      author = {Alebrahim, Azadeh and Heisel, Maritta},
      publisher = {Springer},
      series = {LNCS 8708},
      pages = {45-62},
      url = {https://link.springer.com/}
    }
    
    2014 A Problem-based Approach for Computer Aided Privacy Threat Identification Beckers, K., Faßbender, S., Heisel, M. & Meis, R. Privacy Technologies and Policy   Springer  
    Abstract: Recently, there has been an increase of reported privacy threats hitting
    large software systems. These threats can originate from stakeholders that are
    part of the system. Thus, it is crucial for software engineers to identify these
    privacy threats, refine these into privacy requirements, and design solutions that
    mitigate the threats.

    In this paper, we introduce our methodology named Problem-Based Privacy Analysis (ProPAn). The ProPAn method is an approach for identifying privacy threats during the requirements
    analysis of software systems using problem frame models. Our approach does not rely
    entirely on the privacy analyst to detect privacy threats, but allows a computer aided privacy
    threat identification that is derived from the relations between stakeholders, technology, and personal information in the system-to-be.

    To capture the environment of the system, e.g., stakeholders and other IT systems,
    we use problem frames, a requirements engineering approach founded on the modeling
    of a machine (system-to-be) in its environment (e.g. stakeholders, other software). We define a UML profile for privacy requirements and a reasoning technique that
    identifies stakeholders, whose personal information are stored or transmitted in the system-to-be and stakeholders from whom we have to protect this personal information. We illustrate our approach using an eHealth scenario provided by the industrial partners of the EU project NESSoS.

    BibTeX:
    @inproceedings{APF2012,
      year = {2014},
      title = {A Problem-based Approach for Computer Aided Privacy Threat Identification},
      booktitle = {Privacy Technologies and Policy},
      author = {Beckers, Kristian and Fa{\ss}bender, Stephan and Heisel, Maritta and Meis, Rene},
      publisher = {Springer},
      volume = {8319},
      series = {LNCS},
      pages = {1-16},
      url = {http://dx.doi.org/10.1007/978-3-642-54069-1_1},
      doi = {10.1007/978-3-642-54069-1_1}
    }
    
    2014 A Structured Method for Security Requirements Elicitation concerning the Cloud Computing Domain Beckers, K., Côté, I., Goeke, L., Güler, S. & Heisel, M. International Journal of Secure Software Engineering (IJSSE) - Special Issue on 7th International Workshop on Secure Software Engineering (SecSE 2013)   IGI Global  
    Abstract: Cloud computing systems offer an attractive alternative to traditional IT-systems, because of economic benefits that arise from the cloud's scalable and flexible IT-resources. The benefits are of particular interest for SME's. The reason is that using Cloud Resources allows an SME to focus on its core business rather than on IT-resources. However, numerous concerns about the security of cloud computing services exist. Potential cloud customers have to be confident that the cloud services they acquire are secure for them to use. Therefore, they have to have a clear set of security requirements covering their security needs. Eliciting these requirements is a difficult task, because of the amount of stakeholders and technical components to consider in a cloud environment. Therefore, the authors propose a structured, pattern-based method supporting eliciting security requirements and selecting security measures. The method guides potential cloud customers to model the application of their business case in a cloud computing context using a pattern-based approach. Thus, a potential cloud customer can instantiate our so-called Cloud System Analysis Pattern. Then, the information of the instantiated pattern can be used to fill-out our textual security requirements patterns and individual defined security requirement patterns, as well. The presented method is tool-supported. Our tool supports the instantiation of the cloud system analysis pattern and automatically transfers the information from the instance to the security requirements patterns. In addition, they have validation conditions that check e.g., if a security requirement refers to at least one element in the cloud. The authors illustrate their method using an online-banking system as running example.
    BibTeX:
    @article{Beckers2014-IJIS,
      year = {2014},
      title = {A Structured Method for Security Requirements Elicitation concerning the Cloud Computing Domain},
      author = {Beckers, Kristian and C{\^{o}}t{\'{e}}, Isabelle and Goeke, Ludger and G{\"{u}}ler, Selim and Heisel, Maritta},
      journal = {International Journal of Secure Software Engineering (IJSSE) - Special Issue on 7th International Workshop on Secure Software Engineering (SecSE 2013)},
      publisher = {IGI Global},
      volume = {5},
      number = {2},
      pages = {19 -- 41},
      url = {http://www.igi-global.com}
    }
    
    2014 A Threat Analysis Methodology for Smart Home Scenarios Beckers, K., Faßbender, S., Heisel, M. & Suppan, S. Smart Grid Security, Proceddings of the Second International Workshop (SmartGridSec)   Springer  
    Abstract: A smart grid is envisioned to enable a more economic, environmen-
    tal friendly, sustainable and reliable supply of energy. But significant security
    concerns have to be addressed for the smart grid, dangers range from threatened
    availability of energy, to threats of customer privacy. This paper presents a struc-
    tured method for identifying security threats in the smart home scenario and in
    particular for analyzing their severity and relevance. The method is able to unveil
    also new threats, not discussed in the literature before. The smart home scenario
    is represented by a context-pattern, which is a specific kind of pattern for the elic-
    itation of domain knowledge [5]. Hence, by exchanging the smart home pattern
    by a context-pattern for another domain, e.g., clouds, our method can be used
    for these other domains, as well. The proposal is based on Microsoft’s Security
    Development Lifecycle (SDL) [4], which uses Data Flow diagrams, but proposes
    new alternatives for scenario definition and asset identification based on context-
    patterns. These alleviate the lack of scalability of the SDL. In addition, we present
    Attack Path DFDs, that show how an attacker can compromise the system.
    BibTeX:
    @inproceedings{BFassbenderHS2014,
      year = {2014},
      title = {A Threat Analysis Methodology for Smart Home Scenarios},
      booktitle = {Smart Grid Security, Proceddings of the Second International Workshop (SmartGridSec)},
      author = {Beckers, Kristian and Fa{\ss}bender, Stephan and Heisel, Maritta and Suppan, Santiago},
      publisher = {Springer},
      volume = {8448},
      series = {Lecture Notes in Computer Science},
      pages = {94-124},
      url = {http://link.springer.com/chapter/10.1007/978-3-319-10329-7_7},
      doi = {10.1007/978-3-319-10329-7_7}
    }
    
    2014 Considering Attacker Motivation in Attack Graphs Analysis in a Smart Grid Scenario Beckers, K., Heisel, M., Krautsevich, L., Martinelli, F. & Yautsiukhin, A. Proceedings of the Second Open EIT ICT Labs Workshop on Smart Grid Security (SmartGridSec14)   Springer Berlin Heidelberg  
    BibTeX:
    @inproceedings{BHKMY2014,
      year = {2014},
      title = {{C}onsidering {A}ttacker {M}otivation in {A}ttack {G}raphs {A}nalysis in a {S}mart {G}rid {S}cenario},
      booktitle = {Proceedings of the Second Open EIT ICT Labs Workshop on Smart Grid Security (SmartGridSec14)},
      author = {Beckers, Kristian and Heisel, Maritta and Krautsevich, Leanid and Martinelli, Fabio and Yautsiukhin, Artsiom},
      publisher = {Springer Berlin Heidelberg},
      series = {LNCS 8448},
      pages = {Pages 30-47},
      url = {http://www.springerlink.com/}
    }
    
    2014 A Computer Aided Process From Problems to Laws in Requirements Engineering Faßbender, S. & Heisel, M. Software Technologies   Springer  
    Abstract: In today’s world many products and services are highly dependent on
    software and information systems. With the growing importance of IT systems,
    legislators worldwide decided to regulate and enforce laws for IT systems. With
    respect to this situation, the impact of compliance on the development of IT sys-
    tems becomes more and more severe. Hence, software engineers have a need for
    techniques to deal with compliance. But identifying relevant compliance regu-
    lations for IT systems is a challenging task. We proposed patterns and a struc-
    tured method to tackle these problems [1]. A crucial step is the transformation
    of requirements into a structure, which allows for the identification of laws. The
    transformation step was described in general in [2]. This work describes a method
    to structure the requirements, elicit the needed domain knowledge and transform
    requirements into law identification pattern instances. The manual execution of
    this method was reported by us to be time consuming and tedious. Hence, in this
    work we identify the points for (semi-)automation, and we outline a first imple-
    mentation for the automation. We present our results using a voting system as an
    example, which was obtained from the ModIWa DFG1 project and the common
    criteria profile for voting systems.
    BibTeX:
    @inproceedings{FassbenderH13_SDT,
      year = {2014},
      title = {A Computer Aided Process From Problems to Laws in Requirements Engineering},
      booktitle = {Software Technologies},
      author = {Fa{\ss}bender, Stephan and Heisel, Maritta},
      publisher = {Springer},
      volume = {457},
      series = {Communications in Computer and Information Science},
      pages = {215-234},
      url = {http://link.springer.com/chapter/10.1007%2F978-3-662-44920-2_14},
      doi = {10.1007/978-3-662-44920-2_14}
    }
    
    2014 Systematic Derivation of Functional Safety Requirements for Automotive Systems Beckers, K., Côté, I., Frese, T., Hatebur, D. & Heisel, M. Proceedings of the International Conference on Computer Safety, Reliability and Security (SAFECOMP)   Springer  
    Abstract: The released ISO 26262 standard for automotive systems
    requires breaking down safety goals from the hazard analysis and risk
    assessment into functional safety requirements in the functional safety
    concept. It has to be justi ed that the de ned functional safety requirements
    are suitable to achieve the stated safety goals. In this paper, we
    present a systematic, structured and model-based method to de ne functional
    safety requirements using a given set of safety goals. The rationale
    for safety goal achievement, the relevant attributes of the functional
    safety requirements, and their relationships are represented by a UML
    notation extended with stereotypes. The UML model enables a rigorous
    validation of several constraints expressed in OCL. We illustrate our
    method using an example electronic steering column lock system.
    BibTeX:
    @inproceedings{safecomp2014,
      year = {2014},
      title = {{Systematic Derivation of Functional Safety Requirements for Automotive Systems}},
      booktitle = {Proceedings of the International Conference on Computer Safety, Reliability and Security (SAFECOMP)},
      author = {Beckers, Kristian and C{\^{o}}t{\'{e}}, Isabelle and Frese, Thomas and Hatebur, Denis and Heisel, Maritta},
      publisher = {Springer},
      series = {LNCS 8666},
      pages = {65--80},
      url = {https://link.springer.com/}
    }
    
    2014 Optimizing functional and quality requirements according to stakeholders' goals Alebrahim, A., Choppy, C., Faßbender, S. & Heisel, M. System Quality and Software Architecture (SQSA)    
    BibTeX:
    @incollection{SQSA2014,
      year = {2014},
      title = {Optimizing functional and quality requirements according to stakeholders' goals},
      booktitle = {System Quality and Software Architecture (SQSA)},
      author = {Alebrahim, Azadeh and Choppy, Christine and Fa{\ss}bender, Stephan and Heisel, Maritta},
      publisher = {Elsevier},
      pages = {75-120}
    }
    
    2014 Privacy-Aware Cloud Deployment Scenario Selection Beckers, K., Faßbender, S., Gritzalis, S., Heisel, M., Kalloniatis, C. & Meis, R. Trust, Privacy, and Security in Digital Business   Springer  
    Abstract: Nowadays, IT-resources are often out-sourced to clouds to reduce
    administration and hardware costs of the own IT
    infrastructure. There are different deployment scenarios for clouds
    that heavily differ in the costs for deployment and maintenance, but
    also in the number of stakeholders involved in the cloud and the
    control over the data in the cloud. These additional stakeholders
    can introduce new privacy threats into a system. Hence, there is a
    trade-off between the reduction of costs and addressing privacy
    concerns introduced by clouds. Our contribution is a structured
    method that assists decision makers in selecting an appropriate
    cloud deployment scenario. Our method is based on the privacy
    requirements of the system-to-be. These are analyzed on basis of the
    functional requirements using the problem-based privacy threat
    analysis (ProPAn). The concept of clouds is integrated into the
    requirements model, which is used by ProPAn to automatically generate
    privacy threat graphs.
    BibTeX:
    @inproceedings{TrustBus2014,
      year = {2014},
      title = {Privacy-Aware Cloud Deployment Scenario Selection},
      booktitle = {Trust, Privacy, and Security in Digital Business},
      author = {Beckers, Kristian and Fa{\ss}bender, Stephan and Gritzalis, Stefanos and Heisel, Maritta and Kalloniatis, Christos and Meis, Rene},
      publisher = {Springer},
      series = {LNCS 8647},
      pages = {94-105},
      url = {http://dx.doi.org/10.1007/978-3-319-09770-1_9},
      doi = {10.1007/978-3-319-09770-1_9}
    }
    
    2013 Combining Goal-oriented and Problem-oriented Requirements Engineering Methods Beckers, K., Faßbender, S., Heisel, M. & Paci, F. Proceedings of the International Cross Domain Conference and Workshop (CD-ARES 2013)   Springer  
    Abstract: Several requirements engineering methods exist that differ in their abstraction
    level and in their view on the system-to-be. Two fundamentally different
    classes of requirements engineering methods are goal- and problem-based methods.
    Goal-based methods analyze the goals of stakeholders towards the systemto-
    be. Problem-based methods focus on decomposing the development problem
    into simple sub-problems. Goal-based methods use a higher abstraction level that
    consider only the parts of a system that are relevant for a goal and provide the
    means to analyze and solve goal conflicts. Problem-based methods use a lower
    abstraction level that describes the entire system-to-be. A combination of these
    methods enables a seamless software development, which considers stakeholders’
    goals and a comprehensive view on the system-to-be at the requirements
    level. We propose a requirements engineering method that combines the goalbased
    method SI* and the problem-based method Problem Frames. We propose
    to analyze the issues between different goals of stakeholders first using the SI*
    method. Our method provides the means to use the resulting SI* models as input
    for the problem frame method. These Problem Frame models can be refined into
    architectures using existing research. Thus, we provide a combined requirements
    engineering method that considers all stakeholder views and provides a detailed
    system specification. We illustrate our method using an E-Health example.
    BibTeX:
    @inproceedings{Beckers2013-cdares2,
      year = {2013},
      title = {Combining Goal-oriented and Problem-oriented Requirements Engineering Methods},
      booktitle = {Proceedings of the International Cross Domain Conference and Workshop (CD-ARES 2013)},
      author = {Beckers, Kristian and Fa{\ss}bender, Stephan and Heisel, Maritta and Paci, Federica},
      publisher = {Springer},
      series = {LNCS 8127},
      pages = {178-194},
      url = {http://www.springerlink.com/}
    }
    
    2013 A pattern-based method for establishing a cloud-specific information security management system Beckers, K., Côté, I., Faßbender, S., Heisel, M. & Hofbauer, S. Requirements Engineering   Springer-Verlag  
    Abstract: Assembling an information security management
    system (ISMS) according to the ISO 27001 standard
    is difficult, because the standard provides only very sparse
    support for system development and documentation.
    Assembling an ISMS consists of several difficult tasks,
    e.g., asset identification, threat and risk analysis and
    security reasoning. Moreover, the standard demands consideration
    of laws and regulations, as well as privacy
    concerns. These demands present multi-disciplinary challenges
    for security engineers. Cloud computing provides
    scalable IT resources and the challenges of establishing an
    ISMS increases, because of the significant number of
    stakeholders and technologies involved and the distribution
    of clouds among many countries. We analyzed the ISO
    27001 demands for these multi-disciplinary challenges and
    cloud computing systems. Based on these insights, we
    provide a method that relies upon existing requirements
    engineering methods and patterns for several security tasks,
    e.g., context descriptions, threat analysis and policy definition.
    These can ease the effort of establishing an ISMS
    and can produce the necessary documentation for an ISO
    27001 compliant ISMS. We illustrate our approach using
    the example of an online bank.
    BibTeX:
    @article{Beckers2013rohtua,
      year = {2013},
      title = {A pattern-based method for establishing a cloud-specific information security management system},
      author = {Beckers, Kristian and C{\^{o}}t{\'{e}}, Isabelle and Fa{\ss}bender, Stephan and Heisel, Maritta and Hofbauer, Stefan},
      journal = {Requirements Engineering},
      publisher = {Springer-Verlag},
      pages = {1-53},
      url = {http://www.springerlink.com/}
    }
    
    2012 Ontology-Based Identification of Research Gaps and Immature Research Areas Beckers, K., Eicker, S., Faßbender, S., Heisel, M., Schmidt, H. & Schwittek, W. Proceedings of the International Cross Domain Conference and Workshop (CD-ARES 2012)   Springer  
    Abstract: Researchers often have to understand new knowledge areas, and identify
    research gaps and immature areas in them. They have to understand and
    link numerous publications to achieve this goal. This is difficult, because natural
    language has to be analyzed in the publications, and implicit relations between
    them have to be discovered. We propose to utilize the structuring possibilities of
    ontologies to make the relations between publications, knowledge objects (e.g.,
    methods, tools, notations), and knowledge areas explicit. Furthermore, we use
    Kitchenham’s work on structured literature reviews and apply it to the ontology.
    We formalize relations between objects in the ontology using Codd’s relational
    algebra to support different kinds of literature research. These formal expressions
    are implemented as ontology queries. Thus, we implement an immature research
    area analysis and research gap identification mechanism. The ontology and its
    relations are implemented based on the Semantic MediaWiki+ platform.
    BibTeX:
    @inproceedings{Beckers2012-ares1,
      year = {2012},
      title = {Ontology-Based Identification of Research Gaps and Immature Research Areas},
      booktitle = {Proceedings of the International Cross Domain Conference and Workshop (CD-ARES 2012)},
      author = {Beckers, Kristian and Eicker, Stefan and Fa{\ss}bender, Stephan and Heisel, Maritta and Schmidt, Holger and Schwittek, Widura},
      publisher = {Springer},
      series = {LNCS 7465},
      pages = {93-107},
      url = {http://www.springerlink.com/}
    }
    
    2012 A Common Body of Knowledge for Engineering Secure Software and Services Schwittek, W., Schmidt, H., Beckers, K., Eicker, S., Faßbender, S. & Heisel, M. Proceedings of the International Conference on Availability, Reliability and Security (ARES) - 1st International Workshop on Security Ontologies and Taxonomies (SecOnT 2012)   IEEE Computer Society  
    BibTeX:
    @inproceedings{Beckers2012-ares7,
      year = {2012},
      title = {A Common Body of Knowledge for Engineering Secure Software and Services},
      booktitle = {Proceedings of the International Conference on Availability, Reliability and Security ({ARES}) - 1st International Workshop on Security Ontologies and Taxonomies (SecOnT 2012)},
      author = {Schwittek, Widura and Schmidt, Holger and Beckers, Kristian and Eicker, Stefan and Fa{\ss}bender, Stephan and Heisel, Maritta},
      publisher = {IEEE Computer Society},
      pages = {499-506},
      url = {http://www.ieee.org/}
    }
    
    2012 Supporting Quality-Driven Design Decisions by Modeling Variability Alebrahim, A. & Heisel, M. Proceedings of the International ACM Sigsoft Conference on the Quality of Software Architectures (QoSA)   ACM  
    Abstract: Design decisions should take quality characteristics into account.
    To support such decisions, we capture various solution
    artifacts with different levels of satisfying quality requirements
    as variabilities in the solution space and provide
    them with rationales for selecting suitable variants. We
    present a UML-based approach to modeling variability in
    the problem and the solution space by adopting the notion
    of feature modeling. It provides a mapping of requirements
    variability to design solution variability to be used as a part
    of a general process for generating design alternatives. Our
    approach supports the software engineer in the process of
    decision-making for selecting suitable solution variants, reflecting
    quality concerns, and reasoning about it.
    BibTeX:
    @inproceedings{qosa2012,
      year = {2012},
      title = {Supporting Quality-Driven Design Decisions by Modeling Variability},
      booktitle = {Proceedings of the International ACM Sigsoft Conference on the Quality of Software Architectures ({QoSA})},
      author = {Alebrahim, Azadeh and Heisel, Maritta},
      publisher = {ACM},
      pages = {43-48},
      url = {https://dl.acm.org/citation.cfm?id=2304705}
    }
    
    2012 Designing Architectures from Problem Descriptions by Interactive Model Transformation Alebrahim, A., Côté, I., Heisel, M., Choppy, C. & Hatebur, D. Proceedings 27th Symposium on Applied Computing   ACM  
    Abstract: We present a structured approach to systematically derive a software
    architecture from a given problem description based on problem
    frames and a description of the environment. Our aim is to
    re-use the elements of the problem descriptions in creating the architecture.
    The derivation is performed by transforming the problem
    description into an initial architecture, where each subproblem
    corresponds to a component. The transformation is supported by
    model transformation rules, formally specified as operations with
    pre- and postconditions. This specification serves as a blueprint for
    a tool supporting the architectural design. We illustrate our method
    by the example of a patient care system.
    BibTeX:
    @inproceedings{SAC2012,
      year = {2012},
      title = {Designing Architectures from Problem Descriptions by Interactive Model Transformation},
      booktitle = {Proceedings 27th Symposium on Applied Computing},
      author = {Alebrahim, Azadeh and C{\^{o}}t{\'{e}}, Isabelle and Heisel, Maritta and Choppy, Christine and Hatebur, Denis},
      publisher = {ACM},
      pages = {1256--1258},
      url = {http://dl.acm.org/}
    }
    
    2011 A Method to Derive Software Architectures from Quality Requirements Alebrahim, A., Hatebur, D. & Heisel, M. Proceedings of the 18th Asia-Pacific Software Engineering Conference (APSEC)   IEEE Computer Society  
    Abstract: We present a model- and pattern-based method that allows software engineers to take quality requirements into account right from the beginning of the software development process. The method comprises requirements analysis as well as the derivation of a software architecture from requirements documents, in which quality requirements are reflected explicitly. For requirements analysis, we use an enhancement of the problem frame approach, where software development problems are represented by problem diagrams. The derivation of a software architecture starts from a set of problem diagrams, annotated with functional as well as quality requirements. First, we set up an initial software architecture, taking into account the decomposition of the overall software development problem into subproblems. Then, we incorporate quality requirements into that architecture by using security or performance patterns or mechanisms. The method is toolsupported, which allows developers to check semantic integrity conditions in the different models
    BibTeX:
    @inproceedings{AHH2011b,
      year = {2011},
      title = {A Method to Derive Software Architectures from Quality Requirements},
      booktitle = {Proceedings of the 18th Asia-Pacific Software Engineering Conference ({APSEC})},
      author = {Alebrahim, Azadeh and Hatebur, Denis and Heisel, Maritta},
      publisher = {IEEE Computer Society},
      pages = {322--330},
      url = {https://www.ieee.org/}
    }
    
    2011 On the Evolution of Component-based Software Côté, I., Heisel, M. & Souquières, J. Proceedings 4th IFIP TC2 Central and East European Conference on Software Engineering Techniques (CEE-SET)   Springer  
    BibTeX:
    @inproceedings{ceeset2009,
      year = {2011},
      title = {On the Evolution of Component-based Software},
      booktitle = {Proceedings 4th IFIP TC2 Central and East European Conference on Software Engineering Techniques (CEE-SET)},
      author = {C{\^{o}}t{\'{e}}, Isabelle and Heisel, Maritta and Souqui{\`{e}}res, Jeanine},
      publisher = {Springer},
      series = {LNCS 7054},
      pages = {54-69},
      url = {https://link.springer.com/}
    }
    
    2011 Systematic Architectural Design based on Problem Patterns Choppy, C., Hatebur, D. & Heisel, M. Relating Software Requirements and Architectures   Springer  
    Abstract: We present a method to derive systematically software architectures
    from problem descriptions. The problem descriptions are based on the artifacts
    that are set up when following Jackson's problem frame approach. They include a
    context diagram describing the overall problem situation and a set of problem
    diagrams that describe subproblems of the overall software development problem.
    The different subproblems should be instances of problem frames, which are
    patterns for simple software development problems.
    Starting from these pattern-based problem descriptions, we derive a software
    architecture in three steps. An initial architecture contains one component for each
    subproblem. In the second step, we apply different architectural and design
    patterns and introduce coordinator and facade components. In the final step, the
    components of the intermediate architecture are re-arranged to form a layered
    architecture, and interface and driver components are added.
    All artefacts are expressed as UML diagrams, using specific UML profiles. The
    method is tool-supported. Our tool supports developers in setting up the diagrams,
    and it checks different validation conditions concerning the semantic integrity and
    the coherence of the different diagrams.
    We illustrate the method by deriving an architecture for an automated teller
    machine.
    BibTeX:
    @incollection{CHH2011a,
      year = {2011},
      title = {Systematic Architectural Design based on Problem Patterns},
      booktitle = {Relating Software Requirements and Architectures},
      author = {Choppy, Christine and Hatebur, Denis and Heisel, Maritta},
      publisher = {Springer},
      pages = {133--159},
      url = {https://link.springer.com/}
    }
    
    2011 A UML Profile and Tool Support for Evolutionary Requirements Engineering Côté, I. & Heisel, M. Proceedings of the European Conference on Software Maintenance and Reengineering   IEEE  
    Abstract: In this paper, we present a method to perform the
    first steps of software evolution, namely evolutionary requirements
    engineering, where new requirements have to be analyzed
    in the context of a set of already given requirements. The basic
    idea is to adjust an existing requirements engineering process
    so that evolution is supported. In the requirements engineering
    process we consider, the original software development problem
    is decomposed into a number of subproblems that are analyzed
    according to the problem frame approach [1]. Evolution is
    performed by defining rules for each process step and each
    document that is generated in the respective step to incorporate
    the new evolution requirements into the existing requirements
    documents or to create, when necessary, additional documents.
    We show that the evolution task benefits from the chosen problem
    decomposition. The described software evolution method is toolsupported.
    Our tool UML4PF, which is based on the Eclipse
    Modeling Framework, supports the problem frame approach to
    software engineering by a specifically defined UML profile. We
    extend that profile so that it also covers software evolution.
    BibTeX:
    @inproceedings{CoteHeisel2011,
      year = {2011},
      title = {A {UML} Profile and Tool Support for Evolutionary Requirements Engineering},
      booktitle = {Proceedings of the European Conference on Software Maintenance and Reengineering},
      author = {C{\^{o}}t{\'{e}}, Isabelle and Heisel, Maritta},
      publisher = {IEEE},
      pages = {161--170},
      url = {https://www.ieee.org/}
    }
    
    2011 A Pattern- and Component-Based Method to Develop Secure Software Schmidt, H., Hatebur, D. & Heisel, M. Software Engineering for Secure Systems: Academic and Industrial Perspectives   IGI Global  
    Abstract: We present a security engineering process based on security problem frames and concretized
    security problem frames. Both kinds of frames constitute patterns for analyzing security problems
    and associated solution approaches. They are arranged in a pattern system that makes
    dependencies between them explicit. We describe step-by-step how the pattern system can be
    used to analyze a given security problem and how solution approaches can be found.
    Afterwards, the security problems and the solution approaches are formally modeled in detail.
    The formal models serve to prove that the solution approaches are correct solutions to the security
    problems. Furthermore, the formal models of the solution approaches constitute a formal
    specification of the software to be developed.
    Then, the specification is implemented by generic security components and generic security
    architectures, which constitute architectural patterns. Finally, the generic security components
    and the generic security architecture that composes them are refined and the result is a secure
    software product built from existing and/or tailor-made security components.
    KEYWORDS
    security
    BibTeX:
    @incollection{SHH2011,
      year = {2011},
      title = {A Pattern- and Component-Based Method to Develop Secure Software},
      booktitle = {Software Engineering for Secure Systems: Academic and Industrial Perspectives},
      author = {Schmidt, Holger and Hatebur, Denis and Heisel, Maritta},
      publisher = {IGI Global},
      pages = {32--74},
      url = {http://www.igi-global.com/}
    }
    
    2010 Making Pattern- and Model-Based Software Development More Rigorous Hatebur, D. & Heisel, M. Proceedings of International Conference on Formal Engineering Methods (ICFEM)   Springer  
    Abstract: Pattern-based and model-based software development approaches have
    a high potential to improve the quality of software. Patterns allow engineers to
    re-use established and proven development knowledge. Developing software by
    constructing a sequence of models provides engineers with various possibilities
    for validation, because the different development models are not independent of
    each other and hence can be checked for coherence.
    We present a UML profile equipped with numerous OCL constraints that supports
    a pattern- and model-based software development process. The basis of the
    UML profile is a representation of problem frames, which are patterns supporting
    requirements analysis. OCL constraints provide a formal underpinning of the
    development process and allow one to perform semantic checks every time a new
    model is set up. Our approach is supported by a tool, called UML4PF. The tool
    is based on the Eclipse development environment, extended by an EMF-based
    UML tool, in our case, Papyrus. In this paper, we specifically focus on ensuring
    that problem frames are instantiated correctly. We illustrate our approach by the
    case study of an automatic teller machine.
    BibTeX:
    @inproceedings{HateburHeisel2010a,
      year = {2010},
      title = {Making Pattern- and Model-Based Software Development More Rigorous},
      booktitle = {Proceedings of International Conference on Formal Engineering Methods ({ICFEM})},
      author = {Hatebur, Denis and Heisel, Maritta},
      publisher = {Springer},
      series = {LNCS 6447},
      pages = {253--269},
      url = {https://link.springer.com/}
    }
    
    2010 Automated Checking of Integrity Constraints for a Model- and Pattern-Based Requirements Engineering Method (Technical Report) Côté, I., Hatebur, D. & Heisel, M.    
    Abstract: We present a new UML profile serving to support a pattern- and model-based requirements engineering method based on Jackson’s problem frames. The UML profile allows us to express the different models being defined during requirements analysis using UML diagrams. In order to automatically perform semantic validations associated with the method, we provide integrity conditions, expressed as OCL constraints.
    These constraints concern single models as well as the coherence of different models. To provide tool support for the requirements engineering method, we have developed a tool called UML4PF. It is based on the
    Eclipse development environment, extended by an EMF-based UML tool, in our case, Papyrus. To demonstrate the applicability of our approach, we use the case study of a vacation rentals reservation system.
    BibTeX:
    @misc{,
      year = {2010},
      title = {Automated Checking of Integrity Constraints for a Model- and Pattern-Based Requirements Engineering Method (Technical Report)},
      author = {C{\^{o}}t{\'{e}}, Isabelle and Hatebur, Denis and Heisel, Maritta}
    }
    
    2009 Problem-Oriented Documentation of Design Patterns Fülleborn, A., Meffert, K. & Heisel, M. Proceedings 12thInternational Conference on Fundamental Approaches to Software Engineering (FASE)   Springer  
    Abstract: In order to retrieve, select and apply design patterns in a
    tool-supported way, we suggest to construct and document a problemcontext
    pattern that re
    ects the essence of the problems that the design
    pattern is meant to solve. In our approach, software engineers can choose
    examples of source code or UML models from the special domains that
    they are experts in. We present a method that enables software engineers
    to describe the transformation from a problem-bearing source model to
    an appropriate solution model. Afterwards, the inverse of that transformation
    is applied to the UML solution model of the existing design
    pattern, resulting in an abstract problem-context pattern. This pattern
    can then be stored together with the solution pattern in a pattern library.
    The method is illustrated by deriving a problem-context pattern
    for the Observer design pattern.
    BibTeX:
    @inproceedings{FASE09,
      year = {2009},
      title = {Problem-Oriented Documentation of Design Patterns},
      booktitle = {Proceedings 12thInternational Conference on Fundamental Approaches to Software Engineering (FASE)},
      author = {F{\"{u}}lleborn, Alexander and Meffert, Klaus and Heisel, Maritta},
      publisher = {Springer},
      series = {LNCS 5503},
      pages = {294--308},
      url = {https://link.springer.com/}
    }
    
    2009 Deriving Software Architectures from Problem Descriptions Hatebur, D. & Heisel, M. Software Engineering 2009 - Workshopband   GI  
    Abstract: We show how software architectures (including interface descriptions) can
    be derived from artifacts set up in the analysis phase of the software lifecycle. The
    analysis phase consists of six steps, where various models are constructed. Especially,
    the software development problem is decomposed into simple subproblems. The models
    set up in the analysis phase form the basis for (i) defining software architectures
    related to single subproblems, (ii) merging the subproblem architectures to obtain the
    overall software architecture, and (iii) to define the interfaces between the components
    of the overall architecture. The approach is based on problem patterns (problem
    frames) and the architectural style of layered software architectures.
    BibTeX:
    @inproceedings{HH09a,
      year = {2009},
      title = {Deriving Software Architectures from Problem Descriptions},
      booktitle = {Software Engineering 2009 - Workshopband},
      author = {Hatebur, Denis and Heisel, Maritta},
      publisher = {GI},
      pages = {383--302},
      url = {https://gi.de/}
    }
    
    2007 Pattern-based Evolution of Software Architectures Côté, I., Heisel, M. & Wentzlaff, I. Proceedings of the 1st European Conference on Software Architecture (ECSA 2007)   Springer  
    Abstract: We propose a pattern-based software development method comprising analysis (using problem frames) and design (using architectural and design patterns), of which especially evolving systems benefit. Evolution operators guide a pattern-based transformation procedure, including re-engineering tasks for adjusting a given software architecture to meet new system demands. Through application of these operators, relations between analysis and design documents are explored systematically for accomplishing desired software modifications. This allows for reusing development documents to a large extent, even when the application environment and the requirements change.
    BibTeX:
    @inproceedings{CHW2007a,
      year = {2007},
      title = {Pattern-based Evolution of Software Architectures},
      booktitle = {Proceedings of the 1st European Conference on Software Architecture (ECSA 2007)},
      author = {C{\^{o}}t{\'{e}}, Isabelle and Heisel, Maritta and Wentzlaff, Ina},
      publisher = {Springer},
      series = {LNCS 4758},
      pages = {29 -- 43},
      url = {http://www.springerlink.com}
    }
    
    2007 A Pattern System for Security Requirements Engineering Hatebur, D., Heisel, M. & Schmidt, H. Proceedings of the International Conference on Availability, Reliability and Security (AReS)   IEEE Computer Society  
    Abstract: We present a pattern system for security requirements engineering,
    consisting of security problem frames and concretized
    security problem frames. These are special kinds
    of problem frames that serve to structure, characterize, analyze,
    and finally solve software development problems in the
    area of software and system security. We equip each frame
    with formal preconditions and postconditions. The analysis
    of these conditions results in a pattern system that explicitly
    shows the dependencies between the different frames.
    Moreover, we indicate related frames, which are commonly
    used together with the considered frame. Hence, our approach
    helps security engineers to avoid omissions and to
    cover all security requirements that are relevant for a given
    problem.
    BibTeX:
    @inproceedings{HHS2007,
      year = {2007},
      title = {A Pattern System for Security Requirements Engineering},
      booktitle = {Proceedings of the International Conference on Availability, Reliability and Security (AReS)},
      author = {Hatebur, Denis and Heisel, Maritta and Schmidt, Holger},
      publisher = {IEEE Computer Society},
      series = {IEEE Transactions},
      pages = {356--365},
      url = {https://www.ieee.org}
    }
    
    2007 A Security Engineering Process based on Patterns Hatebur, D., Heisel, M. & Schmidt, H. Proceedings of the International Workshop on Secure Systems Methodologies using Patterns (SPatterns)   IEEE Computer Society  
    Abstract: We present a security engineering process based on security
    problem frames and concretized security problem
    frames. Both kinds of frames constitute patterns for analyzing
    security problems and associated solution approaches.
    They are arranged in a pattern system that makes dependencies
    between them explicit. We describe step-by-step how
    the pattern system can be used to analyze a given security
    problem and how solution approaches can be found. Further,
    we introduce a new frame that focuses on the privacy
    requirement anonymity.
    BibTeX:
    @inproceedings{HHS2007a,
      year = {2007},
      title = {A Security Engineering Process based on Patterns},
      booktitle = {Proceedings of the International Workshop on Secure Systems Methodologies using Patterns (SPatterns)},
      author = {Hatebur, Denis and Heisel, Maritta and Schmidt, Holger},
      publisher = {IEEE Computer Society},
      url = {https://www.ieee.org}
    }
    
    2007 Enhancing Dependability of Component-Based Systems Lanoix, A., Hatebur, D., Heisel, M. & Souquières, J. Reliable Software Technologies -- Ada Europe 2007   Springer  
    Abstract: We present an approach for enhancing dependability of component-
    based software. Functionality related to security, safety and reliability
    is encapsulated in specific components, allowing the method to
    be applied to off-the-shelf components. Any set of components can be
    extended with dependability features by wrapping them with special
    components, which monitor and filter input and outputs. This approach
    is supported by a rigorous development methodology based on UML and
    the B method and is introduced on the level of software architecture.
    BibTeX:
    @inproceedings{LHH+2007,
      year = {2007},
      title = {Enhancing Dependability of Component-Based Systems},
      booktitle = {Reliable Software Technologies -- Ada Europe 2007},
      author = {Lanoix, Arnaud and Hatebur, Denis and Heisel, Maritta and Souqui{\`{e}}res, Jeanine},
      publisher = {Springer},
      series = {LNCS 4498},
      pages = {41--54},
      url = {https://link.springer.com/}
    }
    
    2006 Component composition through architectural patterns for problem frames Choppy, C., Hatebur, D. & Heisel, M. Proc. XIII Asia Pacific Software Engineering Conference   IEEE Computer Society  
    Abstract: In this paper, we present a pattern-based software development
    process using problem frames and corresponding
    architectural patterns. In decomposing a complex problem
    into simple subproblems, the relationships between the subproblems
    are recorded explicitly. Based on this information,
    we give guidelines on how to derive the software architecture
    for the overall problem from the software architectures
    of the simple subproblems.
    BibTeX:
    @inproceedings{CHH2006,
      year = {2006},
      title = {Component composition through architectural patterns for problem frames},
      booktitle = {Proc. XIII Asia Pacific Software Engineering Conference},
      author = {Choppy, Christine and Hatebur, Denis and Heisel, Maritta},
      publisher = {IEEE Computer Society},
      pages = {27--34},
      url = {https://www.ieee.org}
    }
    
    2006 Security Engineering using Problem Frames Hatebur, D., Heisel, M. & Schmidt, H. Proceedings of the International Conference on Emerging Trends in Information and Communication Security (ETRICS)   Springer  
    Abstract: We present a method for security engineering, which is based on two
    special kinds of problem frames that serve to structure, characterize, analyze, and
    finally solve software development problems in the area of software and system
    security. Both kinds of problem frames constitute patterns for representing security
    problems, variants of which occur frequently in practice.We present security
    problem frames, which are instantiated in the initial step of our method. They explicitly
    distinguish security problems from their solutions. To prepare the solution
    of the security problems in the next step, we employ concretized security problem
    frames capturing known approaches to achieve security. Finally, the last step of
    our method results in a specification of the system to be implemented given by
    concrete security mechanisms and instantiated generic sequence diagrams. We
    illustrate our approach by the example of a secure remote display system.
    BibTeX:
    @inproceedings{HHS2006a,
      year = {2006},
      title = {Security Engineering using Problem Frames},
      booktitle = {Proceedings of the International Conference on Emerging Trends in Information and Communication Security (ETRICS)},
      author = {Hatebur, Denis and Heisel, Maritta and Schmidt, Holger},
      publisher = {Springer},
      volume = {3995/2006},
      pages = {238--253},
      url = {https://link.springer.com/}
    }
    
    2006 A Method for Component-Based Software and System Development Hatebur, D., Heisel, M. & Souquières, J. Proc. 32nd Euromicro Conference on Software Engineering and Advanced Applications (SEAA)   IEEE Computer Society  
    Abstract: In this paper, we present a pattern-based software development
    process using problem frames and corresponding
    architectural patterns. In decomposing a complex problem
    into simple subproblems, the relationships between the subproblems
    are recorded explicitly. Based on this information,
    we give guidelines on how to derive the software architecture
    for the overall problem from the software architectures
    of the simple subproblems.
    BibTeX:
    @inproceedings{HHS2006b,
      year = {2006},
      title = {A Method for Component-Based Software and System Development},
      booktitle = {Proc. 32nd Euromicro Conference on Software Engineering and Advanced Applications (SEAA)},
      author = {Hatebur, Denis and Heisel, Maritta and Souqui{\`{e}}res, Jeanine},
      publisher = {IEEE Computer Society},
      pages = {72--80},
      url = {https://www.ieee.org}
    }
    
    2006 Entwicklung aus dem Baukasten. Modellierung und Verifikation technischer Systeme Heisel, M., König, B., Kochs, H.-D. & Petersen, Jö. Forum Forschung    
    Abstract: Technische Systeme sind heute allgegenwärtig: Ob im Haushalt, im Auto oder im Flugzeug.
    Systemtechnik dominiert auch Heizungs- und Solartechnikanlagen, ganze Kraftwerke,
    Raffinerien oder Stahlwerke. Vernetzte und verteilte Systeme wie Mobilkommunikationssysteme,
    das Internet oder satellitengestützte Positions- und Mautsysteme umspannen die
    ganze Welt. Informatische Techniken sind dabei oft nicht nur Bestandteil dieser Systeme,
    sondern werden auch bei deren Konzeption, Produktion und Qualitätsüberwachung eingesetzt.
    Das Informatikjahr soll das Bewusstsein schärfen, dass unsere Gesellschaft ohne
    Technik und diese wiederum ohne Informatik überhaupt nicht mehr funktionieren
    würden.
    BibTeX:
    @article{HKK+2006,
      year = {2006},
      title = {Entwicklung aus dem Baukasten. Modellierung und Verifikation technischer Systeme},
      author = {Heisel, Maritta and K{\"{o}}nig, Barbara and Kochs, Hans-Dieter and Petersen, J{\"{o}}rg},
      journal = {Forum Forschung},
      pages = {32--41},
      note = {Universit{\"{a}}t Duisburg-Essen}
    }
    
    2005 A Model-Based Development Process for Embedded Systems Heisel, M. & Hatebur, D. Proc. Workshop on Model-Based Development of Embedded Systems    
    Abstract: We present a development process for embedded systems which emerged from industrial
    practice. This process covers hardware and software components for systems engineering, but the main
    focus is on embedded software components and the modeling of problems, specications, tests and
    architectures. Each step of the process has validation conditions associated with it that help to detect
    errors as early as possible.
    BibTeX:
    @inproceedings{HH2005a,
      year = {2005},
      title = {A Model-Based Development Process for Embedded Systems},
      booktitle = {Proc. Workshop on Model-Based Development of Embedded Systems},
      author = {Heisel, Maritta and Hatebur, Denis},
      publisher = {Technical University of Braunschweig},
      number = {TUBS-SSE-2005-01},
      note = {Available at {\tt http://www.sse.cs.tu-bs.de/publications/MBEES-Tagungsband.pdf}}
    }
    
    2004 Une approache à base de ``patrons'' pour la spécification et le développement de systèmes d'information Choppy, C. & Heisel, M. Proceedings Approches Formelles dans l'Assistance au Développement de Logiciels - AFADL'2004    
    Abstract: Les "patrons" (ou "patterns") tels que les "problem frames" (schémas de problèmes) et les styles d'architecture sont utilisés ici comme support pour la spécication formelle et le développement de systèmes d'information. De nouveaux schémas de problèmes spéciques pour les systèmes d'information sont proposés pour décrire les sous-problèmes identiés et pour aider la spécication formelle. La recomposition est effectuée en utilisant une approche basée sur les composants et un style d'architecture qui permet de réunir les différents composants. Une méthode originale est proposée pour accompagner ce processus, avec la mise à prot de certains apports d'UML pour le premier niveau de décomposition, puis l'utilisation des "patterns". Ces idées sont illustrées sur une étude de cas.
    BibTeX:
    @inproceedings{CH2004,
      year = {2004},
      title = {Une approache {\`{a}} base de ``patrons'' pour la sp{\'{e}}cification et le d{\'{e}}veloppement de syst{\`{e}}mes d'information},
      booktitle = {Proceedings Approches Formelles dans l'Assistance au D{\'{e}}veloppement de Logiciels - AFADL'2004},
      author = {Choppy, Christine and Heisel, Maritta},
      pages = {61--76}
    }
    
    2004 A Systematic Approach for Guiding Software Evolution Heisel, M. & von Schwichow, C. Proceedings of the IASTED Conference on Software Engineering (SE 2004)   ACTA Press  
    Abstract: We present an approach to adjust existing software to new
    or changed requirements in an systematic way. The approach
    relies on a set of intermediate artifacts linked by
    mappings that bridge the gap between requirements and
    code. Those artifacts and the links between them can be
    constructed and maintained with reasonable effort. Additional
    support is supplied by bookkeeping and validation
    concepts. We demonstrate the usefulness of our approach
    by performing our method on a real-life application.
    BibTeX:
    @inproceedings{Heisel2004a,
      year = {2004},
      title = {A Systematic Approach for Guiding Software Evolution},
      booktitle = {Proceedings of the IASTED Conference on Software Engineering (SE 2004)},
      author = {Heisel, Maritta and von Schwichow, Carsten},
      publisher = {ACTA Press},
      pages = {462--468},
      url = {http://www.actapress.com/}
    }
    
    2004 Adding Features to Component-Based Systems Heisel, M. & Souquières, J. Objects, Agents and Features   Springer  
    Abstract: Features and components are two different structuring mechanisms
    for software systems. Both are very useful, but lead to different structures for
    the same system. Usually, features are spread over more than one component. In
    this paper, we aim at reconciling the two structuring mechanisms. We show how
    component orientation can support adding new features to a base system. We
    present a method for adding features in a systematic way to component-based
    systems that have been specified according to the method proposed by Cheesman
    and Daniels
    BibTeX:
    @incollection{HS2004a,
      year = {2004},
      title = {Adding Features to Component-Based Systems},
      booktitle = {Objects, Agents and Features},
      author = {Heisel, Maritta and Souqui{\`{e}}res, Jeanine},
      publisher = {Springer},
      series = {LNCS 2975},
      pages = {137--153},
      url = {https://link.springer.com/}
    }
    
    2004 Signature Matching with UML Rudloff, R. & Heisel, M.    
    Abstract: to be inserted
    BibTeX:
    @techreport{Rudloff2004,
      year = {2004},
      title = {Signature Matching with {UML}},
      author = {Rudloff, Roberto and Heisel, Maritta},
      note = {Internal working paper}
    }
    
    2003 Use of Patterns in Formal Development: Systematic Transition From Problems to Architectural Designs Choppy, C. & Heisel, M. Recent Trends in Algebraic Development Techniques, 16th WADT, Selected Papers   Springer  
    Abstract: We present a pattern-based software lifecycle and a method that supports the systematic execution of that lifecycle. First, problem frames are used to develop a formal specification of the problem to be solved. In a second phase, architectural styles are used to construct an architectural specification of the software system to be developed. That specification forms the basis for fine-grained design and implementation.
    BibTeX:
    @inproceedings{CH2003,
      year = {2003},
      title = {Use of Patterns in Formal Development: Systematic Transition From Problems to Architectural Designs},
      booktitle = {Recent Trends in Algebraic Development Techniques, 16th WADT, Selected Papers},
      author = {Choppy, Christine and Heisel, Maritta},
      publisher = {Springer},
      series = {LNCS 2755},
      pages = {205--220},
      url = {https://link.springer.com/}
    }
    
    2002 A Problem-Oriented Approach to Common Criteria Certification Rottke, T., Hatebur, D., Heisel, M. & Heiner, M. Proceedings of the 21st International Conference on Computer Safety, Reliability and Security (SAFECOMP)   Springer  
    Abstract: There is an increasing demand to certify the security of systems according to the Common Criteria (CC). The CC distinguish several evaluation assurance levels (EALs), level EAL7 being the highest and requiring the application of formal techniques. We present a method for requirements engineering and (semi-formal and formal) modeling of systems to be certified according to the higher evaluation assurance levels of the CC. The method is problem oriented, i.e. it is driven by the environment in which the system will operate and by a mission statement. We illustrate our approach by an industrial case study, namely an electronic purse card (EPC) to be implemented on a Java Smart Card. As a novelty, we treat the mutual asymmetric authentication of the card and the terminal into which the card is inserted.
    BibTeX:
    @inproceedings{RHH+2002,
      year = {2002},
      title = {A Problem-Oriented Approach to Common Criteria Certification},
      booktitle = {Proceedings of the 21st International Conference on Computer Safety, Reliability and Security (SAFECOMP)},
      author = {Rottke, Thomas and Hatebur, Denis and Heisel, Maritta and Heiner, Monika},
      publisher = {Springer},
      series = {LNCS 2434},
      pages = {334--346},
      url = {https://link.springer.com/}
    }
    
    2002 Specification and Refinement of Secure IT Systems Santen, T., Pfitzmann, A. & Heisel, M. Proc. International Workshop on Refinement of Critical Systems    
    BibTeX:
    @inproceedings{SPH2002,
      year = {2002},
      title = {Specification and Refinement of Secure {IT} Systems},
      booktitle = {Proc.\ International Workshop on Refinement of Critical Systems},
      author = {Santen, Thomas and Pfitzmann, Andreas and Heisel, Maritta},
      note = {http://www.esil.univ-mrs.fr/\verb|~|spc/rcs02/papers/Santen.ps.gz}
    }
    
    2001 Specifying Safety-Critical Embedded systems with Statecharts and Z: An Agenda for Cyclic Software Components Grieskamp, W., Heisel, M. & Dörr, H. Science of Computer Programming    
    Abstract: The application of formal techniques can contribute much to the quality of software, which is of utmost importance for safety-critical embedded systems. These techniques, however, are not easy to apply. In particular, methodological guidance is often unsatisfactory. We address this problem by the concept of an agenda. An agenda is a list of activities to be performed for solving a task in software engineering. Agendas used to support the application of formal specification techniques provide detailed guidance for specifiers, templates of the used specification language that only need to be instantiated, and application independent validation criteria. We apply the agenda approach to a particular class of embedded safety-critical systems, the formal specification of which has been investigated in the case-studies of the German Espress project during the last two years.
    BibTeX:
    @article{Grieskamp2001,
      year = {2001},
      title = {Specifying Safety-Critical Embedded systems with {S}tatecharts and {Z}: An Agenda for Cyclic Software Components},
      author = {Grieskamp, Wolfgang and Heisel, Maritta and D{\"{o}}rr, Heiko},
      journal = {Science of Computer Programming},
      volume = {40},
      pages = {31--57}
    }
    
    2000 Toward an Evolutionary Software Technology Heisel, M. Modelling Software System Structures in a fastly moving scenario    
    Abstract: to be inserted
    BibTeX:
    @inproceedings{Heisel2000,
      year = {2000},
      title = {Toward an Evolutionary Software Technology},
      booktitle = {Modelling Software System Structures in a fastly moving scenario},
      author = {Heisel, Maritta},
      publisher = {Dipartimento di Informatica e Scienze dell'Informazione, Universita' di Genova},
      note = {http://www.disi.unige.it/person/ReggioG/PROCEEDINGS/}
    }
    
    2000 A heuristic algorithm to detect feature interactions in requirements Heisel, M. & Souquières, J. Language Constructs for Describing Features   Springer-Verlag  
    Abstract: We present a method to systematically detect feature interactions in requirements,
    which are expressed as constraints on system event traces. We show its application on the lift
    system, incorporating new features to a simple lift, concerning the lift overfull and the executive
    floor with priority. This method is part of a broader approach to requirements elicitation
    and formal specification.
    BibTeX:
    @incollection{HS2000,
      year = {2000},
      title = {A heuristic algorithm to detect feature interactions in requirements},
      booktitle = {Language Constructs for Describing Features},
      author = {Heisel, Maritta and Souqui{\`{e}}res, Jeanine},
      publisher = {Springer-Verlag},
      pages = {143--162},
      url = {http://www.springerlink.com/}
    }
    
    2000 Une méthode pour l'élicitation des besoins: application au système de contrôle d'accès Souquières, J. & Heisel, M. Proceedings Approches Formelles dans l'Assistance au Développement de Logiciels - AFADL'2000    
    Abstract: Cet article présente l'utilisation d'une approche systématique pour clarifier et analyser les besoins sur l'étude de cas d'un système de contrôle d'accès. L'approche intègre une détection systématique des interactions entre les différents besoins.
    BibTeX:
    @inproceedings{Souqui`eres2000,
      year = {2000},
      title = {Une m{\'{e}}thode pour l'{\'{e}}licitation des besoins: application au syst{\`{e}}me de contr{\^{o}}le d'acc{\`{e}}s},
      booktitle = {Proceedings Approches Formelles dans l'Assistance au D{\'{e}}veloppement de Logiciels - AFADL'2000},
      author = {Souqui{\`{e}}res, Jeanine and Heisel, Maritta},
      publisher = {LSR-IMAG, Grenoble},
      pages = {36--50},
      note = {http://www-lsr.imag.fr/afadl/Programme/ProgrammeAFADL2000.html}
    }
    
    2000 A Method for Systematic Requirements Elicitation: Application to the Light Control System Souquières, J. & Heisel, M.    
    Abstract: This paper demonstrates the use of a systematic approach to clarify and analyze requirements of the light control case study. The approach includes a formalization of the requirements and the analysis of interactions between them.
    BibTeX:
    @techreport{Souqui`eres2000a,
      year = {2000},
      title = {A Method for Systematic Requirements Elicitation: Application to the Light Control System},
      author = {Souqui{\`{e}}res, Jeanine and Heisel, Maritta},
      number = {A00-R-090}
    }
    

    Created by JabRef on 13/03/2018.

  • Patterns [Veröffentlichungen]
  • Privacy [Veröffentlichungen]
  • Requirements Engineering [Veröffentlichungen]
  • Safety [Veröffentlichungen]
  • Security [Veröffentlichungen]
  • Software Architecture [Veröffentlichungen]
  • Software Quality [Veröffentlichungen]
  • Test [Veröffentlichungen]